On Thu, 27 Dec 2007, Dag-Erling Smørgrav wrote:
Gunther Mayer <[EMAIL PROTECTED]> writes:
I've known about ProPolice/SSP for a while now (from the Gentoo world) and
am aware that FreeBSD 7.0 doesn't yet support it though I know of Jeremy Le
Hen's patches (http://tataz.chchile.org/~tataz/FreeBSD/SSP/).
Wrong. FreeBSD 7 has had SSP support since May; the patch you mention just
turns it on by default. You can probably achieve the same effect by adding
-fstack-protector to CFLAGS and COPTFLAGS in make.conf.
I'd very much like us to think about turning it on by default -- while stack
protection is necessarily imperfect, it is increasingly considered a standard
compiler feature to have enabled on operating systems. In fact, I know of
relatively few that don't enable it by default...
Robert N M Watson
Computer Laboratory
University of Cambridge
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
