From nobody Mon Apr 15 01:05:31 2024
X-Original-To: freebsd-hackers@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4VHprN2dnXz5HQwn
	for <freebsd-hackers@mlmmj.nyi.freebsd.org>; Mon, 15 Apr 2024 01:05:40 +0000 (UTC)
	(envelope-from jamie@catflap.org)
Received: from donotpassgo.dyslexicfish.net (donotpassgo.dyslexicfish.net [IPv6:2001:19f0:7400:8808:123::1])
	by mx1.freebsd.org (Postfix) with ESMTP id 4VHprM72Gyz4G51
	for <freebsd-hackers@FreeBSD.org>; Mon, 15 Apr 2024 01:05:39 +0000 (UTC)
	(envelope-from jamie@catflap.org)
Authentication-Results: mx1.freebsd.org;
	none
X-Catflap-Envelope-From: <jamie@donotpassgo.dyslexicfish.net>
X-Catflap-Envelope-To: freebsd-hackers@FreeBSD.org
Received: from donotpassgo.dyslexicfish.net (donotpassgo.dyslexicfish.net [209.250.224.51])
	by donotpassgo.dyslexicfish.net (8.14.5/8.14.5) with ESMTP id 43F15VLX068211;
	Mon, 15 Apr 2024 02:05:31 +0100 (BST)
	(envelope-from jamie@donotpassgo.dyslexicfish.net)
Received: (from jamie@localhost)
	by donotpassgo.dyslexicfish.net (8.14.5/8.14.5/Submit) id 43F15VoL068210;
	Mon, 15 Apr 2024 02:05:31 +0100 (BST)
	(envelope-from jamie)
From: Jamie Landeg-Jones <jamie@catflap.org>
Message-Id: <202404150105.43F15VoL068210@donotpassgo.dyslexicfish.net>
Date: Mon, 15 Apr 2024 02:05:31 +0100
Organization: Dyslexic Fish
To: shawn.webb@hardenedbsd.org, freebsd-hackers@FreeBSD.org
Subject: Re: Question regarding crunchgen(1) binaries
References: <erhqcnky6qf4adlupgtszkmrihthbdc2tbwtbhgzyltl3pl42c@gsdzinackzhh>
In-Reply-To: <erhqcnky6qf4adlupgtszkmrihthbdc2tbwtbhgzyltl3pl42c@gsdzinackzhh>
User-Agent: Heirloom mailx 12.4 7/29/08
List-Id: Technical discussions relating to FreeBSD <freebsd-hackers.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-hackers
List-Help: <mailto:freebsd-hackers+help@freebsd.org>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Subscribe: <mailto:freebsd-hackers+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-hackers+unsubscribe@freebsd.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.2.7 (donotpassgo.dyslexicfish.net [209.250.224.51]); Mon, 15 Apr 2024 02:05:31 +0100 (BST)
X-Spamd-Bar: ----
X-Rspamd-Pre-Result: action=no action;
	module=replies;
	Message is reply to one we originated
X-Spamd-Result: default: False [-4.00 / 15.00];
	REPLY(-4.00)[];
	ASN(0.00)[asn:20473, ipnet:2001:19f0:7400::/38, country:US]
X-Rspamd-Queue-Id: 4VHprM72Gyz4G51

Shawn Webb <shawn.webb@hardenedbsd.org> wrote:

> 1. Enhance crunchgen(1) to support libc built with LTO.
> 2. Kick crunchgen(1) to the curb.
> 3. Other ideas from the community are possible.
>
> Does anyone find crunchgen(1) to be truly useful in 2024? If we kick
> crunchgen(1) to the curb, we need to modify the build system for
> /rescue binaries.

Please note, my response is not considering the security aspects you raise,
and is only based on the usefulness of /rescue itself.

Do you mean get rid of /rescue, or just getting rid of crunchgen producing
it?

I've been "rescued" by rescue on more than one location - usually systems
that won't mount /usr and also have a screwed up lib.

I wouldn't want to see a static /rescue disappear, and the size would probably
be too large for individual binaries.

Cheers, Jamie