From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.54) id 1EmLBX-00070p-Uj for garchives@archives.gentoo.org; Wed, 14 Dec 2005 01:12:00 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.13.5/8.13.5) with SMTP id jBE1B0dC028253; Wed, 14 Dec 2005 01:11:00 GMT Received: from smtp.gentoo.org (smtp.gentoo.org [134.68.220.30]) by robin.gentoo.org (8.13.5/8.13.5) with ESMTP id jBE17wSl029012 for <gentoo-dev@lists.gentoo.org>; Wed, 14 Dec 2005 01:07:58 GMT Received: from 82-41-57-20.cable.ubr08.edin.blueyonder.co.uk ([82.41.57.20] helo=snowdrop.home) by smtp.gentoo.org with esmtpa (Exim 4.54) id 1EmL7e-00066R-1I for gentoo-dev@lists.gentoo.org; Wed, 14 Dec 2005 01:07:58 +0000 Received: from localhost.home ([127.0.0.1] helo=snowdrop.home) by snowdrop.home with esmtp (Exim 4.54) id 1EmL7b-0007PX-O9 for gentoo-dev@lists.gentoo.org; Wed, 14 Dec 2005 01:07:55 +0000 Date: Wed, 14 Dec 2005 01:07:53 +0000 From: Ciaran McCreesh <ciaranm@gentoo.org> To: gentoo-dev@lists.gentoo.org Subject: Re: [gentoo-dev] Textrels in packages policy Message-ID: <20051214010753.45ff1cc7@snowdrop.home> In-Reply-To: <20051214002236.GA1863@toucan.gentoo.org> References: <20051213205903.GA27045@aerie.halcy0n.com> <20051213223059.GA2065@gentoo.org> <20051214002236.GA1863@toucan.gentoo.org> X-Mailer: Sylpheed-Claws 2.0.0-rc1 (GTK+ 2.8.8; i686-pc-linux-gnu) Precedence: bulk List-Post: <mailto:gentoo-dev@lists.gentoo.org> List-Help: <mailto:gentoo-dev+help@gentoo.org> List-Unsubscribe: <mailto:gentoo-dev+unsubscribe@gentoo.org> List-Subscribe: <mailto:gentoo-dev+subscribe@gentoo.org> List-Id: Gentoo Linux mail <gentoo-dev.gentoo.org> X-BeenThere: gentoo-dev@gentoo.org Reply-to: gentoo-dev@lists.gentoo.org Mime-Version: 1.0 Content-Type: multipart/signed; boundary=Sig_VAq5U+tXblZ65.+p.fatNO9; protocol="application/pgp-signature"; micalg=PGP-SHA1 X-Archives-Salt: aed808e9-b6f1-4b69-848f-789a61baa7c9 X-Archives-Hash: 91ff59699cfc616da0361921ce8908a1 --Sig_VAq5U+tXblZ65.+p.fatNO9 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable On Wed, 14 Dec 2005 00:22:36 +0000 Mike Frysinger <vapier@gentoo.org> wrote: | > The big issue with | > this is that the text segment is usually suppose to be read only for | > security reasons. But because the text segment needs a relocation, | > it needs to be read-write since the relocation happens at runtime | > dynamically. |=20 | this is correct, a very good reason to fix TEXTRELs. This is only an issue if an application is already insecure. Thus, TEXTRELs shouldn't be considered sufficient reason to avoid marking something stable, any more than we avoid marking code that uses sprintf stable. | another good reason is that since the segment cannot be mapped | readonly, the memory cannot be shared across multiple processes ... | each will need to have its own copy, thus wasting what could be | significant memory resources. Again, that's a big "could be". We don't avoid marking stable code that, say, mallocs lots of space, then fills it with some calculated numbers (for example, the first million prime numbers), even though a better program would allow for that data to be shared. So yes, TEXTRELs when used accidentally are rather sucky. On the other hand, there are legitimate uses for them, and they aren't insecure, nor are they necessarily any worse performance-wise than code that uses other methods. Banning TEXTRELs outright makes no more sense than banning code that uses goto or sprintf -- if TEXTRELs are used accidentally and there's an easy fix, take it, but don't let them stop you from providing the most stable version of a package to your users. Oh, and don't accept reasons like "but they don't work if we enable $obscure_voodoo in the compiler" either. If $obscure_voodoo breaks on legitimate TEXTRELs then $obscure_voodoo is broken, not the code using TEXTRELs. --=20 Ciaran McCreesh : Gentoo Developer (I can kill you with my brain) Mail : ciaranm at gentoo.org Web : http://dev.gentoo.org/~ciaranm --Sig_VAq5U+tXblZ65.+p.fatNO9 Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iD8DBQFDn3Br96zL6DUtXhERAitbAKDKcoyW1hnXnAxedekRD72i2ZEitACfUsee /L2XQ+nFAPk10RACHnZ4BqA= =Ycam -----END PGP SIGNATURE----- --Sig_VAq5U+tXblZ65.+p.fatNO9-- -- gentoo-dev@gentoo.org mailing list