Date: Fri, 4 Jan 2002 04:27:38 -0500 (EST) From: Dominick LaTrappe <seraf@2600.COM> To: freebsd-security@freebsd.org Cc: rob@cyberpunkz.org Subject: Re: libsafe? Message-ID: <Pine.NEB.4.21.0201040406560.20405-100000@phalse.2600.com>
next in thread | raw e-mail | index | archive | help
> http://www.avayalabs.com/project/libsafe/index.html > I won't go into details of what this lib does or is since the url above has > all the information on it. I however was wondering since someone else had > asked, if there was any type of a lib or such in freebsd which attempts to > perform some of the functions that this seems to be attempting to do. No lib I know of, but there is SSP, the "Stack Smashing Protector," which is a cross-platform patch to GCC. http://www.trl.ibm.co.jp/projects/security/ssp/ The author in May 2001 completed a FreeBSD-specific patch that lets you "make world" and even build the kernel with the protection, though I've only tested the former. Despite this, the FreeBSD camp has seemed none-too-interested in SSP. All of my FreeBSD boxes are full-SSP in userland. The patch applies cleanly to 4.4-STABLE. Everything runs smoothly (in-production coming on 8 months), the performance hit is minimal even with heavy database crunching, and buffer overflow exploits all seem to fail. ||| Dominick To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.4.21.0201040406560.20405-100000>