tech-userlevel archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: tcpdump: drop privileges by default?
In article <20090910001424.GA1784%NetBSD.ORG@localhost>,
Thor Lancelot Simon <tls%panix.com@localhost> wrote:
>On Wed, Sep 09, 2009 at 11:44:41PM +0000, Christos Zoulas wrote:
>>
>> To take advantage of ASLR, you should build PIE binaries. Otherwise only
>> the stack segment and the shared libraries get randomized. The issues
>> with making PIE the default are performance and stability.
>
>The performance issues are register pressure and VIVT cache friendliness,
>right? What is the stability issue?
Right. Register pressure is less of an issue since a lot of the code is
already PIC (libc). The stability issue is that we really have not tested
this well. For example we had to fix a bug or two in the dynamic linker for
this to work.
christos
Home |
Main Index |
Thread Index |
Old Index