gentoo-hardened February 2011 archive
Main Archive Page > Month Archives  > gentoo-hardened archives
gentoo-hardened: Re: [gentoo-hardened] Re: Remove the pic use fl

Re: [gentoo-hardened] Re: Remove the pic use flag in the hardened amd64 profile.

From: Tóth Attila <atoth_at_nospam>
Date: Sun Feb 27 2011 - 15:32:12 GMT
To: gentoo-hardened@lists.gentoo.org

2011.Február 27.(V) 16:19 időpontban Pavel Labushev ezt írta:
> 27.02.2011 21:53, Anthony G. Basile пишет:
>
>> An example of where it does is an attempt to defeat address space
>> randomization by brute force. 32-bit address space is only 4G which is
>> not impossibly large for success by brute force while 64-bits is about
>> 10^19. A lot harder.
>
> Another point: UDEREF on x86 is more reliable than on amd64. Choose x86 if
> your big concern is to protect the kernel from userland (like, if you use
> privilege separation/revocation not just because it looks fancy on paper).
>

More reliable? Interesting. Do you have a link about this?
Apart from older systems 32bit will be with us at least because of the ARM
architecture.