What about the hardened and pic USE flags in the hardened profile? Are those still of use?
Also, is there a way to test ssp functionality against return to function (memcpy and strcpy) ? On 10/23/07, Ned Ludd <[EMAIL PROTECTED]> wrote: > On Tue, 2007-10-23 at 16:55 -0600, Matt Poletiek wrote: > > So if im reading the docs correctly do I need -fstack-protector-all > > and -fstack-protector in my CFLAGS to take advantage of ssp? > > > > According to the docs it should be default in the hardened profile? I > > just need the hardened and pic USE flags right? > > Correct. no need to muck with CFLAGS at all. > CFLAGS="-O2 -pipe" go... > > > > > On 10/23/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > > On 23 Oct 2007 at 21:03, Javier MartÃnez wrote: > > > > > > > 2007/10/23, Matt Poletiek <[EMAIL PROTECTED]>: > > > > > Any idea why when I add -fstack-protector-all and -fstack-protector to > > > > > CFLAGS paxtest still compiles with -fno-stack-protector > > > > > -fno-stack-protector-all ? > > > > > > > > > I think ssp is disabled in the Makefile. Look at there. Please take > > > > note that (in my opinion) paxtest should only demonstrate how pax > > > > works, not how ssp does. > > > > > > correct, ssp is disabled on purpose. > > > > > > -- > > > [EMAIL PROTECTED] mailing list > > > > > > > > > > > > -- > > Matthew Poletiek > > www.chill-fu.net > -- > Ned Ludd <[EMAIL PROTECTED]> > Gentoo Linux > > -- > [EMAIL PROTECTED] mailing list > > -- Matthew Poletiek www.chill-fu.net -- [EMAIL PROTECTED] mailing list
