Dear Fedora developers or Experts! In these days I am mostly engaged in the task of choosing a free and secure Linux ditribution for our university. I've read some documents from this field but I am in doubt in a few areas: When i look at Ingo Molnar's Exec Shield patch web page (http://people.redhat.com/mingo/exec-shield/), I got the impression that a fully feature Exec Shield patch set exists only for the 2.4 series of the Linux kernels, and on the 2.6 series it only provides NX. Am I correct? Is there an (maybe exprimental) Exec Shield patch for 2.6 kernels which provides full ALSR functionality, including the relocation of PIE binaries? If not, then I wonder why is it so difficult to be done for the 2.6 series. (For example PaX is still considered experimental on 2.6!) Are the Fedora packages linked with BIND_NOW option to make the -z relro linking option even more effective? Thank you for the information! Best regards: Nemeth, Tamas IT administrator University of West-Hungary, Sopron, Hungary -- Fedora-security-list mailing list Fedora-security-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-security-list
