From owner-freebsd-current@FreeBSD.ORG Fri Jun 9 09:57:33 2006 Return-Path: X-Original-To: freebsd-current@FreeBSD.org Delivered-To: freebsd-current@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2645016A41B; Fri, 9 Jun 2006 09:57:33 +0000 (UTC) (envelope-from tataz@tataz.chchile.org) Received: from smtp6-g19.free.fr (smtp6-g19.free.fr [212.27.42.36]) by mx1.FreeBSD.org (Postfix) with ESMTP id AC9A643D73; Fri, 9 Jun 2006 09:57:32 +0000 (GMT) (envelope-from tataz@tataz.chchile.org) Received: from tatooine.tataz.chchile.org (tataz.chchile.org [82.233.239.98]) by smtp6-g19.free.fr (Postfix) with ESMTP id 1A4FC22591; Fri, 9 Jun 2006 11:57:31 +0200 (CEST) Received: from obiwan.tataz.chchile.org (unknown [192.168.1.25]) by tatooine.tataz.chchile.org (Postfix) with ESMTP id 3D1359C3F4; Fri, 9 Jun 2006 09:57:51 +0000 (UTC) Received: by obiwan.tataz.chchile.org (Postfix, from userid 1000) id 28B04405B; Fri, 9 Jun 2006 11:57:51 +0200 (CEST) Date: Fri, 9 Jun 2006 11:57:51 +0200 From: Jeremie Le Hen To: freebsd-current@FreeBSD.org, freebsd-security@FreeBSD.org Message-ID: <20060609095751.GI1273@obiwan.tataz.chchile.org> References: <20060526153422.GB25953@obiwan.tataz.chchile.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20060526153422.GB25953@obiwan.tataz.chchile.org> User-Agent: Mutt/1.5.11 Cc: Subject: Re: [fbsd] Integrating ProPolice/SSP into FreeBSD X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 Jun 2006 09:57:33 -0000 Hi list, I haven't got much feedback so far. I would be glad if any people who have been using this patch told be if they have been faced with some problems. Thank you Regards, Jeremie On Fri, May 26, 2006 at 05:34:22PM +0200, Jeremie Le Hen wrote: > Hi, > > first sorry for cross-posting but I thought this patch might interest > -CURRENT users as well as people concerned by security. > > I wrote a patch that integrates ProPolice/SSP into FreeBSD, one step > further than it has been realized so far. > > It is available here : > http://tataz.chchile.org/~tataz/FreeBSD/SSP/ > > Everything is explained on the web page, but I will repeat some > informations here. The patchset is splitted in two parts to ease the > review of the patch. The -propolice patch is only the original > ProPolice patch for GCC 3.4.4 applied on FreeBSD source tree. The > -freebsd patch contains the glue I have written to make things neat. > > The patch exists in both for CURRENT and RELENG_6. Both introduce a > new make.conf(5) (and src.conf(5)) knob to enable stack protection > on a per Makefile basis. It if of course possible to compile your > world with it. Please refer to the web page for more informations. > > The patch has been tested and works pretty well. My laptop and my > workstation at work are compiled with SSP : world, kernel and ports, > including X.org. > > I hope you will enjoy it. > Regards, -- Jeremie Le Hen < jeremie at le-hen dot org >< ttz at chchile dot org >