1 |
On Thu, 23 Sep 2004 03:08:52 +0100, Ciaran McCreesh <ciaranm@g.o> wrote: |
2 |
|
3 |
> The hack is in trying to get the compiler to make broken code safe, |
4 |
> rather than properly auditing code. SSP does not fix broken code, it's |
5 |
> just duct tape. |
6 |
|
7 |
If you want to start auditing code yourself, and turn Gentoo into |
8 |
something like OpenBSD (Which I'm not saying is a bad thing) then go |
9 |
right ahead. Untill then, -fstack-protector sounds like a good bet. |
10 |
Furthermore, those "benchmarks" you included reguarding vim would be |
11 |
totaly irelevant if the FEATURES="autossp" were implemented, because |
12 |
then only the at-risk packages (net daemons) would be affected. |
13 |
|
14 |
Colin |
15 |
|
16 |
-- |
17 |
gentoo-dev@g.o mailing list |