Current-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Stack Smash Protection disabled (was HEADS-UP: Stack Smash Protection enabled by default for amd64 and i386)


IMHO if SSP is supposed to be usable in NetBSD then the releases
should be compiled *with* SSP.

It's not a feature that can just be compiled in/out at a whim, it
affects all the code and is incompatible with some constructs that
would compile and run otherwise.

So unless the common response to a SSP problem is going to be "try
with SSP off" this should be in the release builds so that all
affected code is build-tested and run-tested with SSP on.

5% (or how many it turns out to be) can be lost and gained by many
things besides SSP so any person interested in tuning a system for
their particular workload should tune all relevant parameters, not
just SSP.



Home | Main Index | Thread Index | Old Index