|
|
BugTraq
Buffer overflow prevention Aug 13 2003 10:28AM Eygene A. Ryabinkin (rea rea mbslab kiae ru) (7 replies) Re: Buffer overflow prevention Aug 13 2003 07:28PM Michal Zalewski (lcamtuf coredump cx) (1 replies) Re: Buffer overflow prevention Aug 13 2003 07:13PM Nicholas Weaver (nweaver CS berkeley edu) (1 replies) Re: Buffer overflow prevention Aug 13 2003 06:26PM Jonathan A. Zdziarski (jonathan networkdweebs com) (1 replies) Re: Buffer overflow prevention Aug 13 2003 06:20PM Patrick Dolan (dolan cc admin unt edu) (2 replies) |
|
Privacy Statement |
> >There is a flag for the Gnu C/C++ compilers, -fstack-protector, that will
> >implement ProPolice stack protection. It should prevent stack smashing
> >techniques.
> >
> That is not actually in the standard GCC; it is in a forked GCC that
> OpenBSD chooses to ship.
Adamantix and Gentoo Hardened also ship this patched GCC compiler.
> We (Immunix) are in the process of trying to make StackGuard (the
> original) meet all of the criteria required for acceptance into GCC. At
> the GCC Summit <http://www.gccsummit.org/2003/> in May, we presented a
> StackGuard talk
> <http://www.gccsummit.org/2003/view_abstract.php?talk=31> on that topic.
I would rather see Hiraoke Etoh's Stack Smashing Protector (aka ProPolice) as
standard stack-smashing protection mechanism in GCC than StackGuard.
Groetjes,
Peter Busser
--
The Adamantix Project
Taking trustworthy software out of the labs, and into the real world
http://www.adamantix.org/
[ reply ]