prelinking only the most used binaries won't necessarily help; that will necessarily prelink libc and ld.so as well, and while these will benefit from ASLR when a non-prelinked app is run, if the attacker can wander around the libc's ELF structures it can determine what its preferred load address is in any case, even though it wasn't actually loaded there.
Personally, I prelink non-network-exposed systems only (and make my network-exposed systems stripped-down UML instances).
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds