On Tue, 15 Oct 2013 20:25:10 +0200, Paul Wouters wrote:
> - complexity
> - complicated prelink blacklists
> - complicated cron job exclusion with sysconfig
You can always make your software development life more simple by giving up on
some useful feature. That -O2 vs. -O0 build is a good comparison.
> - FIPS foot-bullets
I really do not care and do not run FIPS. Disable/uninstall prelink for FIPS.
> - reduced alsr
I do not know the details but the network facing daemons are already PIE while
most of the binaries - those not facing untrusted data - have no use for PIE.
> Other people added:
>
> - battery drain (i dont care if its cron or not, without prelink no
> drain)
> - sluggish systems when prelink is updating
This is a bug in cron and/or people not running 24x7 machine should not use
prelink at all.
> - additional ram use when logged in for a long time
Answered in:
https://lists.fedoraproject.org/pipermail/devel/2013-October/190237.html
> So far you seem to say "those are not prelink bugs".
True.
> Just the FIPS issue for me
That's for you but majority of Fedora users do not run in FIPS mode.
> Furthermore, in the past I've indicated that we should have support for
> systems booted in FIPS mode with fips=1, where though libraries and
> programs that could not be prelinked should be unprelinked, as the
> sysadmin specifically told us (via fips=1) that they value security over
> speed gains)
OK, great, so unprelink the programs.
> prelink has served us in the past. It's time to let it go.
People continually give up on software performance with better hardware.
64-bit systems nowadays run commonly slower than did the 8-bits in 1980s.
Jan
--
devel mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
