[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Turning on stack protection by default
On Oct 18, 2009, at 7:59 AM, Matthias Scheler wrote:
That's an excellent idea. I recall a line from Hoare (alas, I haven't
been able to find the precise quote online) about how turning off
things like that on production systems is like sailors who wear life
jackets for practice on shore, but leave them home when they go to sea.
I'm using NetBSD/amd64 and NetBSD/i386 with stack smash protection
ever since the feature was introduced into NetBSD. I've just fixed a
in "mdnsd" which was caught by SSP.(*)
Considering that this feature helps finding bugs and increases system
security I would like to suggest to turn in on by default on these
two NetBSD ports.
What do other people think about this?
--Steve Bellovin, http://www.cs.columbia.edu/~smb
Main Index |
Thread Index |