Re: Turning on stack protection by default

To: Matthias Scheler <tron%zhadum.org.uk@localhost>
Subject: Re: Turning on stack protection by default
From: Antti Kantee <pooka%cs.hut.fi@localhost>
Date: Sun, 25 Oct 2009 01:46:16 +0300

On Sat Oct 24 2009 at 22:55:14 +0100, Matthias Scheler wrote:
> > What's the effect on something that people might actually care about,
> > say build.sh ...
> 
> I could do that. But it would require downgrading all my systems
> to binaries with SSP. Why don't you test it? You have a NetBSD system
> without SSP. You can benchmark "build.sh" for producing safer
> binaries and that repeat the build once you have updated. ;-)

Yes, I could benchmark it.  However, it's easier for me to not do that
and say "I object".  It seems like there's a lot of "I'll propose this,
but someone else should do the work in showing that I'm right" going on
in NetBSD this weekend ... ;)

> > ... or apachebench?
> 
> What would that demonstrate except that the network is the bottleneck?

It would demonstrate how much SSP might (not) be a problem for a given
real application (apache and/or www client in this case).

Follow-Ups:
- Re: Turning on stack protection by default
  - From: Matthias Scheler

References:
- Turning on stack protection by default
  - From: Matthias Scheler
- Re: Turning on stack protection by default
  - From: Mindaugas Rasiukevicius
- Re: Turning on stack protection by default
  - From: Matthias Scheler
- Re: Turning on stack protection by default
  - From: Antti Kantee
- Re: Turning on stack protection by default
  - From: Matthias Scheler

Prev by Date: Re: Turning on stack protection by default
Next by Date: Re: Turning on stack protection by default
Previous by Thread: Re: Turning on stack protection by default
Next by Thread: Re: Turning on stack protection by default
Indexes:

Home | Main Index | Thread Index | Old Index