Date: Fri, 16 Feb 2001 18:26:25 +0900 From: Hiroaki Etoh <etoh@trl.ibm.co.jp> To: security@FreeBSD.ORG Cc: kris@FreeBSD.ORG, ash@lab.poc.net, kjm@rins.ryukoku.ac.jp, iwamura@muraoka.info.waseda.ac.jp Subject: Base system with gcc stack-smashing protector Message-ID: <20010216182625I.etoh@trl.ibm.com> In-Reply-To: <20001117154551.A77867@citusc17.usc.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On 17 Nov, Kris Kennaway wrote: > This was trivial to get working on FreeBSD, but here is a patch > against the system gcc in 4.x which will compile a ProPolice-enabled > version, so FreeBSD users can start easily making use of this. The > patch is the same for 5.x users except you will need to replace > "contrib/gcc" with "contrib/gcc.295" in the diff. > > http://www.freebsd.org/~kris/protector.patch Iwamura-san and Etoh have finished to build the stack protected version of FreeBSD base system! Iwamura-san fixed several linkage errors generated from the above patch. We confirmed the protected system blocked the bind TSIG exploit which is announced from CERT, 31 Jan, 2001. Here is a patch against the system 4.2-RELEASE. http://www.trl.ibm.co.jp/projects/security/ssp/protector.patch See http://www.trl.ibm.co.jp/projects/security/ssp/buildfreebsd.html for details. We are still working on building the protected version of kernel. Hiroaki Etoh, Tokyo Research Laboratory, IBM Japan Makoto Iwamura, Muraoka Lab., Waseda University To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010216182625I.etoh>