Date: Thu, 12 Oct 2017 18:09:11 -0700 From: "Ronald F. Guilmette" <rfg@tristatelogic.com> To: freebsd-questions@freebsd.org Subject: Re: Install-time "hardening" options Message-ID: <6000.1507856951@segfault.tristatelogic.com> In-Reply-To: <12473.128.135.52.6.1507845050.squirrel@cosmo.uchicago.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <12473.128.135.52.6.1507845050.squirrel@cosmo.uchicago.edu>, "Valeri Galtsev" <galtsev@kicp.uchicago.edu> wrote: >On Thu, October 12, 2017 4:07 pm, Ronald F. Guilmette wrote: >>>> (*) Insert stack guard page ahead of growable segments >>>>... >>>I personally have mixed feeling about this. >> >> By all means, please elaborate. >> >> Under what scenarios, if any, would the use of stack guards -not- be an >> exceptionally desirable thing? (I've already conceeded that >> memory-limited >> embedded uses are a special case. But there are specialized distros for >> that.) > >Well, I actually have a mixed feelings about stack guards themselves, I do >not feel they give good protection for other memory areas, be those areas >just few addresses away or far-far away. Well, no single technique is going to solve everything, but I'd rather have this one than nothing. >But that must be just my >ignorance, and you, as system architecture expert, are quite likely right, >no matter what I feel like. I have never and would never claim to be "architecture expert". Even if you were to catch me at my most braggadocious moment, I would only claim to be the World's Second Foremost authority (on nothing in particular) ranking just behind this fellow: https://en.wikipedia.org/wiki/Irwin_Corey (Actually, now that he has passed away, earlier this year, I guess that I can now lay claim to being the World's Foremost Authority.) >Thanks for all your insights you have shared! Likewise. Regards, rfg
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6000.1507856951>