Date: Mon, 7 Jan 2002 13:02:44 -0600 (CST) From: hawkeyd@visi.com (D J Hawkey Jr) To: tim@robbins.dropbear.id.au, freebsd-security@freebsd.org Subject: Re: GCC stack-smashing extension Message-ID: <200201071902.g07J2ix05040@sheol.localdomain> In-Reply-To: <20020108030952.A91323_raven.robbins.dropbear.id.au@ns.sol.net> References: <20020107091948.A4096_sheol.localdomain@ns.sol.net> <20020108030952.A91323_raven.robbins.dropbear.id.au@ns.sol.net>
next in thread | previous in thread | raw e-mail | index | archive | help
In article <20020108030952.A91323_raven.robbins.dropbear.id.au@ns.sol.net>, tim@robbins.dropbear.id.au writes: > On Mon, Jan 07, 2002 at 09:19:48AM -0600, D J Hawkey Jr wrote: > >> - Anyone have any experience with it, good, bad, or otherwise? > > Installed a copy of gcc 3.0.2 with the patch applied, tried compiling > some simple programs with gcc -S -fstack-protector, checked the > assembly language output and saw nothing even resembling protection. > I assume I messed up the install somehow, but didn't bother trying to > figure out what. IIUC, it [mainly] sees that pointers preceed buffer space. If you had coded the opposite, it should have changed them around, no? >> - Any reason why I wouldn't want this? > > It's claimed that people have used versions of FreeBSD compiled with > the ssp patch, and the ideas and descriptions sure look nice. > It didn't work for me, though. If Kris K. is one of 'em, and his boxen are running fine with sources built with the patch, that's pretty compelling evidence that it does no harm, to say the least. >> - Any plans to merge it into the FreeBSD-distributed GCC? > > This has been discussed on this list recently: > http://www.freebsd.org/cgi/getmsg.cgi?fetch=220254+223170+/usr/local/www/db/text/2002/freebsd-security/20020106.freebsd-security > > In short, "no", but read that message for the reason. Just read it. I can appreciate this view, yes. > Tim Dave -- Windows: "Where do you want to go today?" Linux: "Where do you want to go tomorrow?" FreeBSD: "Are you guys coming, or what?" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200201071902.g07J2ix05040>