> If you're going to modify the kernel, might as well just install x86_64 instead.
it's an existing kernel config option, nothing needs to be modified.
> Linux never bothered with much of the segmentation crap that i386 uses to begin with.
pre 2.0 (iirc) task switching? set_fs()? TLS? ;)
> Sure, it separates userspace from kernel space,
nope, (vanilla) linux uses flat segments, there's no separation at the segment level.
> but it does nothing to protect one task from another. Page tables are used for that purpose.
true but what's that matter here? ;)
> Show me one security errata that was the result of removing segmentation from x86. And I mean for Linux.
every single kernel-dereferences-unintended-userland-pointer bug (something that UDEREF in PaX protects against if you want to see how it's done properly). and asking for actual security errata when the declared policy from high up is to actively suppress them is... too funny if it wasn't so sad at the same time :P. in any case, http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=linux+ker... should get you started.