On Sunday 24 October 2010 10.04.34 Kfir Lavi wrote: > On Sun, Oct 24, 2010 at 3:34 AM, Duncan <[email protected]> wrote: > > Magnus Granberg posted on Sun, 24 Oct 2010 03:01:40 +0200 as excerpted: > > > Display-If-Install: <sys-devel/gcc-4.4 > > > > Typo: > > > > Display-If-Installed: > > ^^ > > > > Meanwhile, the title reflects hardened profiles, but the updated > > conditions aren't viewed only on hardened. The no-support-for-<gcc-4 > > policy would seem reasonable for most profiles (don't know about the > > exotic archs). Either the title should be updated to reflect that it > > applies in general (not just on hardened), or the condition to display > > only on hardened should be maintained. Either way, making it clearer in > > the body as well would be wise, so people seeing it only on hardened (if > > it applies only to them, for example) will have less chance of missing > > that, if they have regular installs as well. > > > > But I don't remember whether multiple conditions are ANDed or ORed; they > > should be ANDed here, if it's to apply to ONLY hardened with <gcc-4.4 > > installed. > > > > -- > > Duncan - List replies preferred. No HTML msgs. > > "Every nonfree program has a lord, a master -- > > and if you use the program, he is your master." Richard Stallman > > Hi all, > After reading this post I went to wikipedia to read about the SSP. > http://en.wikipedia.org/wiki/Buffer_overflow_protection > At the paragraph "GCC Stack-Smashing Protector (ProPolice)", its written" > > "It was implemented as a patch to GCC 3.x; a less intrusive > reimplementation is included in the GCC 4.1 release. Currently, SSP is > standard in OpenBSD, FreeBSD (since 8.0), Ubuntu (since 8.04 LTS[3]), > and DragonFly BSD. It is also available in NetBSD (enabled by default > on x86), Debian and Gentoo, disabled by default." > > Now this should be changed, if the SSP flag is becoming default. > > Regards, > Kfir Updated the news item. Thanks for the notes Duncan. @Kfir It is only the hardened gcc that have the SSP enable as default. We can add that Gentoo (Hardened) have it enable.
/Magnus /Magnus
Title: Info about GCC on Hardened profiles Author: Magnus Granberg <[email protected]> Content-Type: text/plain Posted: 2010-10-27 Revision: 3 News-Item-Format: 1.0 Display-If-Installed: <sys-devel/gcc-4.4 and hardened GCC 4.4.4-r2 is now stable in the hardened profiles (on x86 and amd64 as of 2010-10-24, other architectures will follow later). Starting from this version, SSP support is enabled by default for the architectures it is supported on (namely x86, amd64, ppc, ppc64 and arm). Previously, GCC 4.3.4 had SSP support but it was not enabled by default. Older GCC versions in the hardened profiles, such as the GCC 3.x series will be obsoleted, problems arising on those versions, but not applying to GCC 4.4.4-r2 will not be fixed, so please update to the new version.
signature.asc
Description: This is a digitally signed message part.
