| 1 |
On Thu, 23 Sep 2004 03:08:52 +0100, Ciaran McCreesh <ciaranm@g.o> wrote: |
| 2 |
|
| 3 |
> The hack is in trying to get the compiler to make broken code safe, |
| 4 |
> rather than properly auditing code. SSP does not fix broken code, it's |
| 5 |
> just duct tape. |
| 6 |
|
| 7 |
If you want to start auditing code yourself, and turn Gentoo into |
| 8 |
something like OpenBSD (Which I'm not saying is a bad thing) then go |
| 9 |
right ahead. Untill then, -fstack-protector sounds like a good bet. |
| 10 |
Furthermore, those "benchmarks" you included reguarding vim would be |
| 11 |
totaly irelevant if the FEATURES="autossp" were implemented, because |
| 12 |
then only the at-risk packages (net daemons) would be affected. |
| 13 |
|
| 14 |
Colin |
| 15 |
|
| 16 |
-- |
| 17 |
gentoo-dev@g.o mailing list |
Archives