From owner-freebsd-current@FreeBSD.ORG Fri May 26 18:49:25 2006 Return-Path: X-Original-To: freebsd-current@FreeBSD.org Delivered-To: freebsd-current@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4066B16AF8E; Fri, 26 May 2006 18:49:25 +0000 (UTC) (envelope-from kris@obsecurity.org) Received: from elvis.mu.org (elvis.mu.org [192.203.228.196]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0F8BD43D5F; Fri, 26 May 2006 18:49:20 +0000 (GMT) (envelope-from kris@obsecurity.org) Received: from obsecurity.dyndns.org (elvis.mu.org [192.203.228.196]) by elvis.mu.org (Postfix) with ESMTP id EC5971A4DAC; Fri, 26 May 2006 11:49:19 -0700 (PDT) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id 60A9851203; Fri, 26 May 2006 14:49:19 -0400 (EDT) Date: Fri, 26 May 2006 14:49:19 -0400 From: Kris Kennaway To: Robert Watson Message-ID: <20060526184919.GA69830@xor.obsecurity.org> References: <20060526153422.GB25953@obiwan.tataz.chchile.org> <20060526193048.Y77521@fledge.watson.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="u3/rZRmxL6MmkK24" Content-Disposition: inline In-Reply-To: <20060526193048.Y77521@fledge.watson.org> User-Agent: Mutt/1.4.2.1i Cc: freebsd-security@FreeBSD.org, freebsd-current@FreeBSD.org, Jeremie Le Hen Subject: Re: Integrating ProPolice/SSP into FreeBSD X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 26 May 2006 18:49:37 -0000 --u3/rZRmxL6MmkK24 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, May 26, 2006 at 07:41:31PM +0100, Robert Watson wrote: >=20 > On Fri, 26 May 2006, Jeremie Le Hen wrote: >=20 > >first sorry for cross-posting but I thought this patch might interest=20 > >-CURRENT users as well as people concerned by security. > > > >I wrote a patch that integrates ProPolice/SSP into FreeBSD, one step=20 > >further than it has been realized so far. >=20 > This looks very neat. >=20 > Could you remind me what, if any, ABI issues might exist? I'm familiar= =20 > with the ideas behind ProPolice, but not the implementation. Can I use= =20 > SSP-compied libraries with pre-SSP applications? Can I use post-SSP=20 > applications with pre-SSP binaries? Last time I tried it (several years ago, when I maintained my own local patch for world integration), backwards binary compatibility was an issue, i.e. it was possible to hose your system when trying to revert the changes (since all rebuilt binaries all depend on symbols no longer provided in libc). Kris --u3/rZRmxL6MmkK24 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (FreeBSD) iD8DBQFEd02uWry0BWjoQKURAonjAJ9Vq+exWJiVtiEvm/NaVCOjD2k0RgCghglV jQB5zxd1bKDjQG0rlF+EkUA= =fcJN -----END PGP SIGNATURE----- --u3/rZRmxL6MmkK24--