• Burger@burggit.moeOP
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      From my uneducated opinion, yes and no. Kernel ASLR (Address Space Layout Randomization) is a thing, same with PiE (Position independent Executables) the former can be turned on but the latter, you have to compile your software with those flags. PiE offers stack smashing protection. Some distros do not ship this but the list is growing shorter by the day.

      Gentoo allows you to use USE flags which instruct Portage (Gentoo’s package manager) to fetch the libraries required to compile the feature you specified. In short, USE flags basically tell the package what features you want. You can compile your software to be as nimble as possible. Less code means less attack surface that attackers can exploit. On Gentoo even the toolchain you use to compile software is compiled in of itself when you run emerge world.