Re: HEADS-UP: Stack Smash Protection enabled by default for amd64 and i386

[Thor Lancelot Simon <tls%panix.com@localhost>]

On Wed, Nov 11, 2009 at 06:58:18PM +0000, Matthias Scheler wrote:
> 
> > Many of the system libraries have been compiled with stack
> > protection ...
> 
> I don't think so. The only place where SSP is turned on in this bit of
> makefile code in "bsd.sys.mk":

Code just above turns on USE_SSP if USE_FORT is set.  USE_FORT is set
by lib/libc/Makefile.inc and many other places in the source tree -- I
tried to set it for any libraries linked into network server programs
in the NetBSD source tree, as well as those programs themselves.

It's been that way for about two years.  I would actually suggest that
if we're going to turn on SSP for the whole tree we should probably
turn on FORT also.

For pkgsrc, -fstack-protector -Wno-stack-protector is probably an
appropriate default.  For pkgsrc, we cannot do the equivalent of
USE_FORT because it sets the fortify level to 2, which causes some
behavior which violates the C standard in rather uncommon cases (we
avoid the relevant constructs in our own source tree), but we could
definitely set the fortify level to 1, and probably should do.

Thor