On Sun, Oct 25, 2009 at 03:21:01PM -0400, James Vega wrote: > On Sun, Oct 25, 2009 at 11:55:25AM -0700, Kees Cook wrote: > > Arguments against: > > - makes the compiler's behavior different than stock compiler. > > Rebuttal: honestly, I don't care -- it seems like such a > > huge win for safety and is easy to debug. Debian > > already carries plenty of patches anyway -- there > > is no such thing as the "stock compiler". > > - makes more work for dealing with warnings. > > Rebuttal: those warnings are there for a reason -- they can > > be real security issues, and should be fixed. > > - lacks documentation. > > Rebuttal: that may have been true a while ago, but I've worked > > hard to document the features and how to handle > > problems. See [2]. Even the gcc man pages are patched. > > - makes running Debian slower. > > Rebuttal: no, nothing supports this. The bulk of _FORTIFY_SOURCE > > is compile-time. Run-time checks, including those from > > -fstack-protector are just not measurable. The burden of > > evidence for anyone claiming this is on them. I'm not > > suggesting we turn on PIE; that option can be a problem. > > - breaks debugging with gdb. See > <1256300822.13273.39.ca...@fsopti579.f-secure.com> on this list and #346409. > You provided a patch for #346409, but there appears to be issues with it as > noted in the bug log. >
in the footnotes of Kees's email it said:
(Note that the gcc hardening does NOT turn on PIE, which has
measurable performance problems on some architectures.)
so this isn't a problem.
--
_________________________
Ryan Niebur
ryanrya...@gmail.com
signature.asc
Description: Digital signature
