[Dailydave] The sky's downward trajectory

endrazine endrazine at gmail.com
Mon Feb 19 15:39:14 EST 2007



jf wrote:
> As I understood it, they are only randomized once at boot time with 4 bits
> of entropy, and it's currently opt-in for most applications (including
> IE), but opt-out for system DLLs. I tend to agree that only randomizing
> once may be an issue, but no one seems to agree with me.
>
>   
well, it prevents canned sploits from being triggered remotely, but is of 
little help against local exploits or patient hackers. Not to mention 
that any address leakage will nullify the effect of the randomization.

my humble analysis,
Regards,

endrazine-

