Re: Improving security for pkgsrc

[Pierre Pronchery <khorben%defora.org@localhost>]

			Hi John, tech-pkg@,

On 07/19/15 00:14, John Nemeth wrote:
> } > On Sat, Jul 18, 2015 at 06:38:09PM +0200, Pierre Pronchery wrote:
> } >> 1. Building with stack smashing protection: (SSP)
> } >>
> } >>   +_GCC_CFLAGS+=  -fstack-protector
> 
>      In the case of base:
>      [...]
>      And, this is where it was enabled by default:
> 
> -----
> revision 1.143
> date: 2007-05-28 05:06:23 -0700;  author: tls;  state: Exp;  lines: +15 -5;
> Add new Makefile knob, USE_FORT, which extends USE_SSP by turning on the
> FORTIFY_SOURCE feature of libssp, thus checking the size of arguments to
> various string and memory copy and set functions (as well as a few system
> calls and other miscellany) where known at function entry.  RedHat has
> evidently built all "core system packages" with this option for some time.
> [snip]
> -----
> 
> That is from src/share/mk/bsd.sys.mk.  There is plenty of work done
> later to beef it up, but that is the initial commit.

From NetBSD-current, share/mk/bsd.own.mk 1.859:

 116 .if (${MACHINE_ARCH} == "alpha") || \
 117     (${MACHINE_ARCH} == "hppa") || \
 118     (${MACHINE_ARCH} == "ia64") || \
 119     (${MACHINE_CPU} == "mips")
 120 HAVE_SSP?=      no
 121 .else
 122 HAVE_SSP?=      yes
 123 .if ${USE_FORT:Uno} != "no"
 124 USE_SSP?=       yes
 125 .endif
 126 .endif

So, on:
- alpha, hppa, ia64 or mips, SSP will not be used;
- anything else, SSP will be used if USE_FORT is set to anything but
  "no", and "no" is the default when USE_FORT is not defined.

I do not see USE_FORT being defined anywhere else. Actually, according
to mk.conf(8):

     USE_FORT       Indicates whether the so-called ``FORTIFY_SOURCE''
                    security(7) extensions are enabled; see ssp(3) for
                    details.  This imposes some performance penalty.

                    Default: ``no''

Please tell me if I'm wrong, but I believe SSP is *not* enabled by
default on NetBSD's base system, with any architecture - even in -current.

NetBSD/src$ $ uname -ms
NetBSD amd64
NetBSD/src$ make -V USE_FORT

NetBSD/src$

HTH,
-- 
khorben