Date: Mon, 7 Jan 2002 13:02:44 -0600 (CST)
From: hawkeyd@visi.com (D J Hawkey Jr)
Reply-To: hawkeyd@visi.com
Organization: if (!FIFO) if (!LIFO) break;
To: tim@robbins.dropbear.id.au, freebsd-security@freebsd.org
Subject: Re: GCC stack-smashing extension
Message-Id: <200201071902.g07J2ix05040@sheol.localdomain>
References: <20020107091948.A4096_sheol.localdomain@ns.sol.net> <20020108030952.A91323_raven.robbins.dropbear.id.au@ns.sol.net>
In-Reply-To: <20020108030952.A91323_raven.robbins.dropbear.id.au@ns.sol.net>

In article <20020108030952.A91323_raven.robbins.dropbear.id.au@ns.sol.net>,
tim@robbins.dropbear.id.au writes:
> On Mon, Jan 07, 2002 at 09:19:48AM -0600, D J Hawkey Jr wrote:
>
>> - Anyone have any experience with it, good, bad, or otherwise?
>
> Installed a copy of gcc 3.0.2 with the patch applied, tried compiling
> some simple programs with gcc -S -fstack-protector, checked the
> assembly language output and saw nothing even resembling protection.
> I assume I messed up the install somehow, but didn't bother trying to
> figure out what.

IIUC, it [mainly] sees that pointers precede buffer space. If you had
coded the opposite, it should have changed them around, no?

>> - Any reason why I wouldn't want this?
>
> It's claimed that people have used versions of FreeBSD compiled with
> the ssp patch, and the ideas and descriptions sure look nice.
> It didn't work for me, though.

If Kris K. is one of 'em, and his boxen are running fine with sources
built with the patch, that's pretty compelling evidence that it does
no harm, to say the least.

>> - Any plans to merge it into the FreeBSD-distributed GCC?
>
> This has been discussed on this list recently:
> http://www.freebsd.org/cgi/getmsg.cgi?fetch=220254+223170+/usr/local/www/db/text/2002/freebsd-security/20020106.freebsd-security
>
> In short, "no", but read that message for the reason.

Just read it. I can appreciate this view, yes.

> Tim

Dave

-- 
Windows: "Where do you want to go today?"
Linux: "Where do you want to go tomorrow?"
FreeBSD: "Are you guys coming, or what?"