that PaX actually works?
more seriously, the proper approach is what PaX does, that is, randomize the main executable around the (arch specific) normal executable base address, instead of as a regular mmap mapping.
Maybe the PAX team should chime in and save some people alot of work?
i actually talked to a SuSE security guy many months ago and suggested to just take the PaX bits, instead of cooking up their own, but to no avail apparently. other than that, i can't send email to lkml since last june or so (some spam filtering stuff i think, but both mail admins ignored my requests to resolve the problem), nor does Linus take anonymous contributions anymore.
Posted: Fri May 11, 2007 10:42 pm