Date: Wed, 20 Aug 2014 11:34:22 -0500 From: Bryan Drewery <bdrewery@FreeBSD.org> To: Ports FreeBSD <freebsd-ports@freebsd.org>, pkg@freebsd.org Subject: [CFT] SSP Package Repository available Message-ID: <53F4CE0E.8040106@FreeBSD.org> In-Reply-To: <523D79CD.2090302@FreeBSD.org> References: <523D79CD.2090302@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --K5G4LOnFU7x5CMaL6D0wm5KIVLpq9PTjB Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 9/21/2013 5:49 AM, Bryan Drewery wrote: > Ports now support enabling Stack Protector [1] support on FreeBSD 10 > i386 and amd64, and older releases on amd64 only currently. >=20 > Support may be added for earlier i386 releases once all ports properly > respect LDFLAGS. >=20 > To enable, just add WITH_SSP=3Dyes to your make.conf and rebuild all po= rts. >=20 > The default SSP_CLFAGS is -fstack-protector, but -fstack-protector-all > may optionally be set instead. >=20 > Please help test this on your system. We would like to eventually enabl= e > this by default, but need to identify any major ports that have run-tim= e > issues due to it. >=20 > [1] https://en.wikipedia.org/wiki/Buffer_overflow_protection >=20 We have not had any feedback on this yet and want to get it enabled by default for ports and packages. We now have a repository that you can use rather than the default to help test. We need your help to identify any issues before switching the default. This repository is available for: head 10.0 9.1,9.2,9.3 It is not available for 8.4. If someone is willing to test on 8.4 I will build a repository for it. Place this in /usr/local/etc/pkgs/repos/FreeBSD_ssp.conf: FreeBSD: { enabled: no } FreeBSD_ssp: { url: "pkg+http://pkg.FreeBSD.org/${ABI}/ssp", mirror_type: "srv", signature_type: "fingerprints", fingerprints: "/usr/share/keys/pkg", enabled: yes } Once that is done you should force reinstall packages from this repositor= y: pkg update pkg upgrade -f Thanks for your help! Bryan Drewery On behalf of portmgr. --K5G4LOnFU7x5CMaL6D0wm5KIVLpq9PTjB Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) iQEcBAEBAgAGBQJT9M4OAAoJEDXXcbtuRpfPudQH/RV3dAPGOMV+RRC3IGo0l7bB rjr5J5xQK4FuIYenMhkEV+p8Wh/ow9P3GXBQtR4ki/x3Jgk7Xw5YlC4PfJyPdFpM 90wx0IjtT9i5CLTGF+psTgeV5Oh50jWnpy8wggsK+CfFtgqRebdbQvqIWOtKuDdT R5QtxF9U4ZDHCJTEVLsiCeY4SP3N2eqwS4MHX1/92I1xJxbETDQ0CjvoQ5ojfmEi crtNhk4QNUxmmElmxM71iiElbZPfdf3UbqDupQm80eTHNj5Adda8+Mo1ZmUsJYM6 YimDcpNTumctOVLXobpBZEJtOExAsajO1v/aFGWJz4kp2AkGwCLXHowNpHbb/u4= =ElhW -----END PGP SIGNATURE----- --K5G4LOnFU7x5CMaL6D0wm5KIVLpq9PTjB--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?53F4CE0E.8040106>