Hi is there a strong performance-wise reason for "Strict user copy checks: Disabled" - IMHO if something may make things more secure while not have a dramatically performance impact security in doubt should go first __________________________________________________ [root@rh:~]$ checksec --kernel * Kernel protection information: Description - List the status of kernel protection mechanisms. Rather than inspect kernel mechanisms that may aid in the prevention of exploitation of userspace processes, this option lists the status of kernel configuration options that harden the kernel itself against attack. Kernel config: /boot/config-3.9.10-200.fc18.x86_64 Warning: The config on disk may not represent running kernel config! GCC stack protector support: Enabled Strict user copy checks: Disabled Enforce read-only kernel data: Enabled Restrict /dev/mem access: Enabled Restrict /dev/kmem access: Enabled
_______________________________________________ kernel mailing list kernel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/kernel
