by saagarjha 1682 days ago
There’s a one-sentence nod to this at the bottom:

> Using full RELRO has a slight performance impact during application startup (as the linker has to populate the GOT entries before entering the main function).

In general, the difference for a large application is non-negligible and one should carefully consider the impact before enabling this feature by default.

3 comments

> In general, the difference for a large application is non-negligible and one should carefully consider the impact before enabling this feature by default.

And because of that they enabled it for all binaries on Fedora. The Fedora users are now testing whether it's possible to activate it by default.

From a security assessment point of view, I consider the impact as being the monetary damage that might happen if an exploit is taken advantage of.

Naturally one might consider it doesn't matter for the use case at hand.

How often are you starting large applications, and how do you define non-negligible here? Milliseconds?
This might be important if you're doing something like repeatedly spawning a large shell interpreter, for example.