HLFS 64bit again

goodoldmarty at gmail.com goodoldmarty at gmail.com
Wed Dec 5 07:25:27 PST 2007

Hash: SHA1

> After spending almost a month trying to build a secure 64bit system I
> begin to wonder why, will it be more secure than a 32bit system?
> (will it be less vulrable to buffer overflows due to the larger buffers???)

Maybe a 128 bit system would be better?
Do you own 64 bit applications that won't run on a 32 bit system?

Linux was designed as a 32 bit OS. It is patched to provide a migratory
path to 64 bit. Until 64 bit CPU boards are available (not dual 32 bit)
a 64 bit system is a joke. If you embrace the phallic "bigger is better"
concept you are certainly wasting your time. To put that in perspective,
I manually build/boot the HLFS book in < 24 hours for my 32 bit systems.

The toolchain patches, GRsecurity, and PAX, are the security
enhancements that harden the system. Buffers only get protected from
overflow if you apply the necessary patches. When you omit, or defeat
these things (-fno-pic -fno-pie -fno-something else) you gain no
desirable protections.

What you are trying to build will probably have more bugs, be less
secure, and possibly run slower, than the mainstream 32 bit build.

Marty B

- --
Putting Microsoft in a computer is like putting screen doors in a
submarine. Hopeless.
Version: GnuPG v1.4.5 (GNU/Linux)


More information about the hlfs-dev mailing list