What exec-protection mechanisms? I thought most of those were pushed upstream? (Things like
gcc's stack protection, address space randomization, non-executable stack, data and heap, etc.
are, no idea how much they were written by Red Hat in the first place though.) Only thing left
AFAIC was non-exec protection on non x86_64 x86.
That's what I like about Red Hat, that nowadays they push stuff upstream so that everyone
benefits from it. If distros would do that more they'd make each other's lives easier and
improve the whole.