Date: Thu, 8 Oct 2009 19:05:27 +0100 (BST) From: Robert Watson <rwatson@FreeBSD.org> To: Daniel Eischen <deischen@freebsd.org> Cc: jhell <jhell@DataIX.net>, "freebsd-stable@freebsd.org" <freebsd-stable@freebsd.org>, Oliver Lehmann <lehmann@ans-netz.de> Subject: Re: samba - SIGABRT Message-ID: <alpine.BSF.2.00.0910081903390.38834@fledge.watson.org> In-Reply-To: <Pine.GSO.4.64.0910081057150.25965@sea.ntplx.net> References: <20091007200959.3c93904f.lehmann@ans-netz.de> <alpine.BSF.2.00.0910071451030.25972@qvzrafvba.5c.ybpny> <20091008062326.11720.qmail@avocado.salatschuessel.net> <alpine.BSF.2.00.0910081542130.95451@fledge.watson.org> <Pine.GSO.4.64.0910081057150.25965@sea.ntplx.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 8 Oct 2009, Daniel Eischen wrote: >> While it's probably a bug that the Samba port compiles --pie, it's also a >> bug that our linking bits aren't handling PIE properly either. The goal is >> to fix PIE with the non-NULL mapping feature in the immediate future, so >> with any luck the abort message won't matter too much longer. > > How about reverting this change or defaulting security.bsd.map_at_zero=1 > until either ports can handle this properly or our -pie is fixed, and we've > had at least a release with pre-built packages that don't have the problem? Sorry, I should have been more clear: the problem is with run-time linking, not compile-time linking. Kostik has just posted patches for the run-time linker to current@, which should allow the existing binaries to work with map_at_zero=0. If we aren't able to get the run-time linker fixes into 8.0, we will definitely revert the default change for map_at_zero so that it is enabled. However, since there is a significant security benefit to shipping with map_at_zero disabled, I think we should try hard to ship 8.0 with a fixed rtld. Robert
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.00.0910081903390.38834>