Re: Turning on stack protection by default

To: port-i386%NetBSD.org@localhost, port-amd64%NetBSD.org@localhost
Subject: Re: Turning on stack protection by default
From: Matthias Scheler <tron%zhadum.org.uk@localhost>
Date: Sun, 25 Oct 2009 21:01:11 +0000

On Sun, Oct 25, 2009 at 05:25:16PM +0000, Mindaugas Rasiukevicius wrote:
> > And the worst case seems to be 8%. Such numbers are however not good
> > enough for "certain people".
> 
> Perhaps enabling it on services/daemons (e.g. postfix, bind) ...

You don't get the full protection unless the kernel and the libraries
use SSP as well.

> ... would make you feel better?

I don't mind 8% *worst case* performance degradation for a more secure
and stable system.

        Kind regards

-- 
Matthias Scheler                                  http://zhadum.org.uk/

References:
- Turning on stack protection by default
  - From: Matthias Scheler
- Re: Turning on stack protection by default
  - From: Joerg Sonnenberger
- Re: Turning on stack protection by default
  - From: Matthias Scheler
- Re: Turning on stack protection by default
  - From: Mindaugas Rasiukevicius

Prev by Date: Re: Turning on stack protection by default
Next by Date: Re: Turning on stack protection by default
Previous by Thread: Re: Turning on stack protection by default
Next by Thread: Can't use ethernet nor wireless on HP 2140
Indexes:

Home | Main Index | Thread Index | Old Index