Re: Improving security for pkgsrc

[Joerg Sonnenberger <joerg%britannica.bec.de@localhost>]

On Tue, Jul 21, 2015 at 09:34:16AM +0200, Marc Espie wrote:
> On Sun, Jul 19, 2015 at 12:05:06PM +0200, Martin Husemann wrote:
> > On Sun, Jul 19, 2015 at 01:23:35AM +0200, Pierre Pronchery wrote:
> > > Please tell me if I'm wrong, but I believe SSP is *not* enabled by
> > > default on NetBSD's base system, with any architecture - even in -current.
> > 
> > It is enabled only in parts of the tree, since together with -Werror
> > it causes lots of fallout otherwise.
> 
> ... and it takes lots of efforts to get ssp to work properly, especially
> with a compiler that has bugs.

This is not about code generation bugs. It is about the misdesign of GCC
to add (fatal with -Werror) warnings because it is too stupid to
instrument functions e.g. using alloca. Which doesn't even make sense,
as the canary cookie can be created just as well.

> from there, it's simpler to dismiss it as not being useful, rather than
> figure out where to go from there, right Joerg ?

*sigh* Have you bothered to read what I said at all? I never said it is
not useful. Just that it is much weaker than most believe it to be.

Joerg