Am 16.10.2013 09:44, schrieb Jan Kratochvil: > On Wed, 16 Oct 2013 09:20:02 +0200, Dridi Boukelmoune wrote: >> I understand, but what bothers me isn't the prelink bug but prelink >> itself being installed by default (for what it does regardless of the >> bug). > > What exactly bothers you? It (generally) speeds up programs startup. > > As a summary I see prelink has some bugs: > * -y has false mismatches: https://bugzilla.redhat.com/show_bug.cgi?id=666143 yes > * %preun does not unprelink: https://bugzilla.redhat.com/show_bug.cgi?id=841434 yes > * It has a bug that in some cases it slows down the startup (seen on mplayer). > https://lists.fedoraproject.org/pipermail/devel/2013-October/190274.html maybe > * It possibly should disable itself to run on very low memory systems as > there can be running multiple copies of prelinked/unprelinked binaries. it should be disabled everywhere after setup and only opt-in > Plus prelink is affected by bugs in other packages: > * cron: It should not run cron.daily(+weekly...) if the user is not idle or > if the system is running on battery "if the user is not idle" oh yeah, i am idle while coming back from the kitchen, that does not mean that i am 5 seconds after it has started also be idle in general: if i notice someting that much that it should only run if the machine is idle it is *pretty clear* the any gains this crap in theory has are outbeated by the cron runs > systemd should restart daemons which are updated no or at least there should be an opt-out on production systems you do *not* want this on workstations it may not bother > For example openssh-server restarts itself in > %postuninstall but not all packages do so oh yeah, i remeber a multiple times interrupted dist-upgrade via SSH until someone realized that it is a very bad idea to kill the current session too *WHAT* has this to do with the problem that the daemon is restarted after update, not randomized and *later* prelink steps in while the process is already running - my Firefox is running sometimes for days > * tripwire/rkhunter/...: System verificators should use 'prelink -y' the whole prelink idea is broken - period > * FIPS: It should unprelink the whole system if it needs it that way. the whole system shoul dnot be prelinked as default - period > There is remaining security request to have all binaries PIE. IIUC it is for > the case of untrusted files stored at local filesystem accessed by for example > gzip where exploits could be reduced by having for example even gzip PIE. > I do not find it worth the small performance hit but people may disagree the history of the last 3-5 years if someone is *really* following security lists shows pretty clear that *any* binary was exploitable in the one or other way and so it is unacceptable to make distinctions while for a very low price the whole distribution could be hardended the first step to do so would be ban prelink
Attachment:
signature.asc
Description: OpenPGP digital signature
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
