--- linux-2.4.34/fs/binfmt_elf.c.orig 2007-02-19 13:44:56.338134000 +0100
+++ linux-2.4.34/fs/binfmt_elf.c 2007-02-19 13:47:27.478134000 +0100
@@ -1029,6 +1029,27 @@
 end_data += load_bias;
 #ifdef CONFIG_PAX_RANDMMAP
+#if 0
+/*
+ * randomly changing initial brk randomly breaks existing programs,
+ * including ld-linux.so.2 from glibc run as a program[1] and possibly
+ * more
+ *
+ * [1] see libc/sysdeps/generic/dl-sysdep.c:220:
+ *
+ * if (__sbrk (0) == &_end)
+ * / * The dynamic linker was run as a program, and so the initial break
+ * starts just after our bss, at &_end. The malloc in dl-minimal.c
+ * will consume the rest of this page, so tell the kernel to move the
+ * break up that far. When the user program examines its break, it
+ * will see this new value and not clobber our data. * /
+ * __sbrk (GLRO(dl_pagesize)
+ * - ((&_end - (void *) 0) & (GLRO(dl_pagesize) - 1)));
+ *
+ * If initial brk is not equal _end, the last page is not reserved,
+ * which leads to semi-random crashes.
+ */
+
 #ifdef CONFIG_PAX_SOFTMODE
 if (pax_aslr)
@@ -1036,6 +1057,7 @@
 if (current->mm->pax_flags & MF_PAX_RANDMMAP)
 elf_brk += PAGE_SIZE + pax_delta_mask(get_random_long(), 4, PAGE_SHIFT);
+#endif
 #undef pax_delta_mask
 #endif
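Review bot: The `#if 0` added directly under `#ifdef CONFIG_PAX_RANDMMAP` in the first hunk (`@@ -1029,6 +1029,27 @@`) removes the random brk offset for every task, although the comment only documents a failure when ld-linux.so.2 is run as a program. A kernel built with CONFIG_PAX_RANDMMAP, and a binary flagged MF_PAX_RANDMMAP, will still appear to have heap randomization while the initial brk stays at the unshifted `elf_brk`. For executables loaded at a fixed address, that presumably makes the heap start predictable again. The comment should state this cost, for example with a closing line `* NOTE: while this block is disabled the initial brk is NOT randomized, even with MF_PAX_RANDMMAP set.` A build-time option would also be preferable to `#if 0`, so the trade-off is visible in the configuration rather than buried in the source. The enclosing function starts and ends outside the hunk, so whether the brk is adjusted elsewhere cannot be checked from here.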
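Review bot: The `#endif` added after the `elf_brk += PAGE_SIZE + pax_delta_mask(...)` line in the second hunk (`@@ -1036,6 +1057,7 @@`) has no label, and it closes the `#if 0` opened more than twenty lines earlier in the first hunk. It sits just above the `#endif` for CONFIG_PAX_RANDMMAP, so a reader cannot easily tell which conditional ends where, or that the randomization statement is compiled out. I would write it as `#endif /* 0: initial brk randomization disabled, see comment above */`. Keeping `#undef pax_delta_mask` outside the disabled region looks right, since the macro is presumably defined earlier in the function, outside this hunk.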