Re: HEADS-UP: Stack Smash Protection enabled by default for amd64 and i386

To: Tobias Nygren <tnn%NetBSD.org@localhost>
Subject: Re: HEADS-UP: Stack Smash Protection enabled by default for amd64 and i386
From: Thor Lancelot Simon <tls%panix.com@localhost>
Date: Wed, 11 Nov 2009 13:30:34 -0500

On Wed, Nov 11, 2009 at 07:27:22PM +0100, Tobias Nygren wrote:
> On Wed, 11 Nov 2009 18:06:46 +0000
> Matthias Scheler <tron%NetBSD.org@localhost> wrote:
> 
> > BTW: this change does *not* require you to recompile your packages
> >      or any other binaries. They will continue to work but have
> >      only limitted stack smash protection.
> 
> Is there any benefit to recompiling packages? Do libraries and binaries
> built on machines with and w/o ssp interoperate when mingled?

Do the default compilation flags for pkgsrc turn on stack protection
now?  Many of the system libraries have been compiled with stack
protection (and also -DFORTIFY_SOURCE, which is almost certainly unsafe
for pkgsrc) for a long time, so you may already have as much benefit,
practically speaking, as you'd get by recompiling.

To the extent of my knowledge there is no problem with library
interoperation.

Thor

Follow-Ups:
- Re: HEADS-UP: Stack Smash Protection enabled by default for amd64 and i386
  - From: Matthias Scheler

References:
- HEADS-UP: Stack Smash Protection enabled by default for amd64 and i386
  - From: Matthias Scheler
- Re: HEADS-UP: Stack Smash Protection enabled by default for amd64 and i386
  - From: Matthias Scheler
- Re: HEADS-UP: Stack Smash Protection enabled by default for amd64 and i386
  - From: Tobias Nygren

Prev by Date: Re: HEADS-UP: Stack Smash Protection enabled by default for amd64 and i386
Next by Date: Re: HEADS-UP: Stack Smash Protection enabled by default for amd64 and i386
Previous by Thread: Re: HEADS-UP: Stack Smash Protection enabled by default for amd64 and i386
Next by Thread: Re: HEADS-UP: Stack Smash Protection enabled by default for amd64 and i386
Indexes:

Home | Main Index | Thread Index | Old Index