[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Comments on Fedora Core 1
In a feeble attempt to get the signal-to-noise ratio back on the list
back to an acceptable level (hint, hint), I'd like to offer another
comment on Fedora Core 1.
This is a quote from the RELEASE-NOTES:
o The Fedora Core 1 kernel includes new Exec-shield functionality.
Exec-shield is a security-enhancing modification to the Linux kernel
that makes large parts of specially-marked programs -- including their
stack -- not executable. This can reduce the potential damage of some
security holes. Exec-shield is related to the older "non-exec stack
patch" but has the potential to provide greater protection.
Exec-shield can also randomize the virtual memory addresses at which
certain binaries are loaded. This randomized VM mapping makes it more
difficult for a malicious application to improperly access code or
data based on knowledge of the code or data's virtual address.
For any of you who are running Internet-accessible systems on earlier
versions of Red Hat, I would suggest thinking *very* seriously about
upgrading...
Steve
--
steve@silug.org | Southern Illinois Linux Users Group
(618)398-7360 | See web site for meeting details.
Steven Pritchard | http://www.silug.org/
-
To unsubscribe, send email to majordomo@silug.org with
"unsubscribe silug-discuss" in the body.