prelink: is it worth it?
Steve Grubb
sgrubb at redhat.com
Thu Jul 9 18:19:25 UTC 2009
On Thursday 09 July 2009 10:45:55 am devzero2000 wrote:
> There are also other two big problem, imho, now, with prelink support:
>
> 1 - it render impossibile to do a centralizzated integrity checker (with as
> example rfc.sf.net ): very very bad
The aide program in rawhide is prelink friendly. So there are integrity
checkers that can be used.
As for security, prelink stirring around address space randomization is good
for security. For example, this hack needed prelink not to have run to get the
exploit reliable:
http://invisiblethingslab.com/pub/xenfb-adventures-10.pdf
There are more examples like this.
-Steve
More information about the devel
mailing list