On 03.04.2013 01:50, John Reiser wrote:
It does rather seem like we should consider just killing it [prelink], at least by default.
Prelinking shortens the time between execve() and first useful output
in theory
A prelinked module reduces time spent in ld-linux, and increases sharing of pages (which reduces time spent in kernel duplicating copy-on-write pages.) The savings are *visible* when invoking an interactive GUI program that has dozens of shared libraries, or when several hundred smaller executables are invoked each second, such as some 'make' clouds, etc.
not noticeable compared with the security flaws
Some systems want those savings, and are willing to pay with slightly less protection via reduced ASLR.
then THESE SYSTEMS should install prelink but not install it AS DEFAULT
Some administrators compensate by running a full prelink daily, and a partial prelink of "hot" modules (glibc, ...) a few times during the day, even as often as hourly; and with parameters to reduce interference with modules which are not being [re-]prelinked during the current run.
fine they should do what they want
but as DEFAULT anything which beats ASLR is UNACCEPTABLE these days