It's quite silly because they have a wrapper script, and they could just move the Firefox binary to steer people to it.
-
-
-
It works fine for the Tor Browser. No one ever complains. It just boils down to them not caring about security at all.
-
They won't even enable *partial* RELRO, because they care more about the potential cost of a few extra mmap calls.
-
If
@firefox cared about startup time they'd eliminate all the .so's and either fully static link, or only use dyn sys libs. -
Have you seen what they do on Android? They haphazardly monkey patch libc so they can do lazy loading via access violations.
-
Imagine how much better SW would be forced to be if hardened Linux made access violations raise SIGKILL instead of SIGSEGV.
-
PaX does that for NX violations as part of PAGEEXEC (was originally software NX for i386), but not for other forms of SIGSEGV.
-
Firefox is the only application I've ever seen requiring exceptions from PAGEEXEC, and it has needed them for multiple reasons.
- 7 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.