Re: Improving security for pkgsrc

To: tech-pkg%netbsd.org@localhost
Subject: Re: Improving security for pkgsrc
From: David Holland <dholland-pkgtech%netbsd.org@localhost>
Date: Tue, 21 Jul 2015 17:36:39 +0000

On Tue, Jul 21, 2015 at 02:00:05PM +0200, Joerg Sonnenberger wrote:
 > > ... and it takes lots of efforts to get ssp to work properly, especially
 > > with a compiler that has bugs.
 > 
 > This is not about code generation bugs. It is about the misdesign of GCC
 > to add (fatal with -Werror) warnings because it is too stupid to
 > instrument functions e.g. using alloca. Which doesn't even make sense,
 > as the canary cookie can be created just as well.

He just said "bugs", not code generation bugs. What you've just
described is also a bug :-)

-- 
David A. Holland
dholland%netbsd.org@localhost

References:
- Re: Improving security for pkgsrc
  - From: Pierre Pronchery
- Re: Improving security for pkgsrc
  - From: John Nemeth
- Re: Improving security for pkgsrc
  - From: Pierre Pronchery
- Re: Improving security for pkgsrc
  - From: Martin Husemann
- Re: Improving security for pkgsrc
  - From: Marc Espie
- Re: Improving security for pkgsrc
  - From: Joerg Sonnenberger

Prev by Date: Re: Improving security for pkgsrc
Next by Date: Re: Improving security for pkgsrc
Previous by Thread: Re: Improving security for pkgsrc
Next by Thread: Re: Improving security for pkgsrc
Indexes:

Home | Main Index | Thread Index | Old Index