On Mon, Jun 11, 2012 at 12:46 AM, René Rhéaume <[email protected]> wrote: > I have a somewhat crazy idea to run JIT code with mprotect enforced: instead > of putting the generated code into anonymous memory, why not put it as a > shared library inside a tmpfs, the the host program simply call dlopen on > it?
This is similar to what USE=orc does — creating an executable in /tmp at runtime. It works with GStreamer on hardened, if allowed by GRKERNSEC_TPE. I still don't like the concept, and switch orc off. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
