1 |
On Mon, 26 Mar 2007 11:56:21 -0700 (PDT) Vieri <rentorbuy@×××××.com> |
2 |
wrote: |
3 |
|
4 |
> I see, but the thing is that my system has |
5 |
> sys-libs/glibc-2.3.6-r5. I used 2006.1, made the |
6 |
> symlink to hardened profile and rsync'ed immediately |
7 |
> and emerged system and world. According to forum post: |
8 |
> http://forums.gentoo.org/viewtopic-t-539616-highlight-gcc+hardened.html |
9 |
> the "trouble" you're referring to should happen if one |
10 |
> has glibc-2.4.x. or later, am I right? |
11 |
|
12 |
Yes. |
13 |
|
14 |
> I don't want to bother this list too much with my |
15 |
> novice questions. Could you please just let me know if |
16 |
> I can have a hardened system with |
17 |
> sys-libs/glibc-2.3.6-r5 and gcc-4.1.1 and/or |
18 |
> gcc-3.4.6? |
19 |
|
20 |
You need to use gcc-3.4.x for a fully hardened system, as it is the |
21 |
only version to currently support PIE and SSP, as you can see from the |
22 |
gcc-config output below: |
23 |
|
24 |
$ gcc-config -l |
25 |
[1] x86_64-pc-linux-gnu-3.4.6 |
26 |
[2] x86_64-pc-linux-gnu-3.4.6-hardened |
27 |
[3] x86_64-pc-linux-gnu-3.4.6-hardenednopie |
28 |
[4] x86_64-pc-linux-gnu-3.4.6-hardenednopiessp |
29 |
[5] x86_64-pc-linux-gnu-3.4.6-hardenednossp |
30 |
[6] x86_64-pc-linux-gnu-4.1.1 * |
31 |
|
32 |
Full hardened support for glibc-2.5 and gcc-4 should make an appearance |
33 |
with the release of 2007.0. |
34 |
|
35 |
--atj |
36 |
-- |
37 |
gentoo-hardened@g.o mailing list |