Expanding the list of "Hardened Packages"
Tom Lane
tgl at redhat.com
Wed Apr 3 12:38:37 UTC 2013
Jakub Jelinek <jakub at redhat.com> writes:
> If you don't care about the speed of execution of any programs, just compile
> everything with -fsanitize=address (that will be only ~ 2x slowdown or so).
A different issue that worries me about PIE is the impact on the
available address space in 32-bit builds. For instance, people
routinely configure Postgres to allocate a shared-memory area of a
couple GB, so if either the program text or the stack get moved too
much, configurations that used to work will break for lack of enough
contiguous free address space. I haven't been able to find anything
definitive about the worst-case address space wastage due to ASLR in
32-bit builds; anyone here know?
regards, tom lane
More information about the devel
mailing list