[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: HEADS-UP: Stack Smash Protection enabled by default for amd64 and i386
On Wed, Nov 11, 2009 at 07:27:22PM +0100, Tobias Nygren wrote:
> On Wed, 11 Nov 2009 18:06:46 +0000
> Matthias Scheler <tron%NetBSD.org@localhost> wrote:
> > BTW: this change does *not* require you to recompile your packages
> > or any other binaries. They will continue to work but have
> > only limitted stack smash protection.
> Is there any benefit to recompiling packages? Do libraries and binaries
> built on machines with and w/o ssp interoperate when mingled?
Do the default compilation flags for pkgsrc turn on stack protection
now? Many of the system libraries have been compiled with stack
protection (and also -DFORTIFY_SOURCE, which is almost certainly unsafe
for pkgsrc) for a long time, so you may already have as much benefit,
practically speaking, as you'd get by recompiling.
To the extent of my knowledge there is no problem with library
Main Index |
Thread Index |