From owner-freebsd-security@FreeBSD.ORG  Fri Oct 28 15:12:41 2005
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
X-Original-To: freebsd-security@freebsd.org
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 8367116A41F
	for <freebsd-security@freebsd.org>;
	Fri, 28 Oct 2005 15:12:41 +0000 (GMT)
	(envelope-from db@traceroute.dk)
Received: from cicero2.cybercity.dk (cicero2.cybercity.dk [212.242.40.53])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 2142943D46
	for <freebsd-security@freebsd.org>;
	Fri, 28 Oct 2005 15:12:41 +0000 (GMT)
	(envelope-from db@traceroute.dk)
Received: from user4.cybercity.dk (user4.cybercity.dk [212.242.41.50])
	by cicero2.cybercity.dk (Postfix) with ESMTP
	id 3F18619151C; Fri, 28 Oct 2005 17:12:39 +0200 (CEST)
Received: from trinita (port132.ds1-arsy.adsl.cybercity.dk [212.242.239.73])
	by user4.cybercity.dk (Postfix) with ESMTP
	id 72419502F6; Fri, 28 Oct 2005 17:12:38 +0200 (CEST)
From: db <db@traceroute.dk>
To: freebsd-security@freebsd.org, patrick.bihan-faou@netzuno.com
Date: Fri, 28 Oct 2005 15:12:40 +0000
User-Agent: KMail/1.8.2
References: <200510270608.51571.db@traceroute.dk>
	<200510272017.02565.db@traceroute.dk>
	<4361CEB5.8050305@netzuno.com>
In-Reply-To: <4361CEB5.8050305@netzuno.com>
MIME-Version: 1.0
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200510281512.40622.db@traceroute.dk>
Cc: 
Subject: Re: Non-executable stack
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 28 Oct 2005 15:12:41 -0000

On Friday 28 October 2005 07:09, Patrick Bihan-Faou wrote:
> We are using the stack protection patches for GCC in production servers
> running FreeBSD 4.11 and everything runs well. We are using a fairly
> large number of ports (from samba to php to postgresql, etc.) and none
> have shown issues with this feature.

> Note that since it is a compiler and library patch, the kernel also
> benefits from it. I would say that if a port misbehaves with this, then
> it is more likely a problem with the port.

I don't know how it is implemented with gcc, but I'm guessing that kernel 
support is best performancewise (on platforms with hardware support for 
this). But thanks for your input, I also use php and postgresql, so it is 
nice to know that they will work :-)

br
db