Current-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Stack Smash Protection disabled (was HEADS-UP: Stack Smash Protection enabled by default for amd64 and i386)

On Nov 13, 2009, at 6:21 AM, Jukka Ruohonen wrote:

> On Thu, Nov 12, 2009 at 06:04:20PM -0500, Steven Bellovin wrote:
>> In the meantime, is there something I can put into mk.conf to enable it
>> when I do my own builds?  What about for pkgsrc builds?
> Something like
> .if defined(BSD_PKG_MK)
> CFLAGS+=-fstack-protector-all
> .endif

> Note that quite a few packages break with SSP.

Hmm -- why?  Buffer overflows that haven't been exploited yet?

                --Steve Bellovin,

Home | Main Index | Thread Index | Old Index