Date: Mon, 7 Jan 2002 11:06:54 -0500 From: "Jeff Palmer" <scorpio@drkshdw.org> To: <hawkeyd@visi.com>, <security@freebsd.org> Subject: Re: GCC stack-smashing extension Message-ID: <001401c19795$535dc4e0$0286a8c0@jeff> References: <20020107091948.A4096@sheol.localdomain>
next in thread | previous in thread | raw e-mail | index | archive | help
While I have never personally used this patch, my advice would be: Don't depend on a compiler based security implementation in your code. Code with security in mind from the ground up. What happens if you get used to your compiler adding in all the checks and balances, and then for some reason you are forced to use a standard compiler for something? Don't let a compiler allow you to lower your standards. Don't let it make you lazy. And most of all, don't let it teach you bad habits (Microsofts MFC for vc++ comes to mind here on the bad habits example) Just my two cents.. I'd rather stick with a default GCC, and use better/smarter coding practices on my machines :-) ----- Original Message ----- From: "D J Hawkey Jr" <hawkeyd@visi.com> To: "security at FreeBSD" <freebsd-security@freebsd.org> Sent: Monday, January 07, 2002 10:19 AM Subject: GCC stack-smashing extension > Hey, all, > > I recently stumbled across the web page for the GCC stack-smashing > extension (http://www.trl.ibm.com/projects/security/ssp/): > > - Anyone have any experience with it, good, bad, or otherwise? > - Any reason why I wouldn't want this? > - Any plans to merge it into the FreeBSD-distributed GCC? > > Thanks, > Dave > > -- > ______________________ ______________________ > \__________________ \ D. J. HAWKEY JR. / __________________/ > \________________/\ hawkeyd@visi.com /\________________/ > http://www.visi.com/~hawkeyd/ > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?001401c19795$535dc4e0$0286a8c0>