this is clearly an abuse of the Feature Framework as the WITHOUT_ASLR or WITH_ASLR will not be exactly doing what people would expect, but I think this is worth it.

I will test this after the sunset of 12 as we have systems with both ASLR as default and non-default. :/

But so far this looks good to me.

tcberner added a subscriber: tcberner.Dec 27 2023, 7:23 PM

tcberner added inline comments.

lang/php83/Makefile
108	^why does the port need to specify more than the path to the binary? this could be ASLR_UNSAFE+=sapi/cli/php as far as I can see, the `Mk/Features/aslr.mk` already assumes its only the path, no?

finally back to it ;)

Harbormaster completed remote builds in B56871: Diff 136438.Tue, Apr 2, 2:09 PM

bapt marked an inline comment as done.Tue, Apr 2, 2:09 PM

bapt added a reviewer: bofh.Tue, Apr 2, 2:13 PM

To make it less an abuse I'd name the feature something like enforce_aslr. So that it underlines the fact that enabling this feature will force ASLR setting for each port.

I totally forgot about this. I will need to test this on php but I would really like to push this ASAP. Although I want to take a little while for changing php82.