TIME TO KILL THIS THREAD.

 - Some people think SSP goes everywhere
 - Some people think SSP is an ugly hack that shouldn't be used
 - Some people think users don't want SSP
 - Some people think users don't know about SSP and need education
 - Some people want to poll the userbase

I HAVE REACHED A SOLUTION.


Phase 1: Documentation

On the advice of multiple contributors to this thread, Gentoo should
give brief documentation about SSP in the install guide. This would
bring SSP to users' attention and allow them to decide if they want to
Stage 1 + SSP their system, rather than Stage 2 or 3 or normal Stage 1.

Such documentation should contain external links to pages about SSP,
such as the white paper[1] and the main site[2]; or to the Hardened
Gentoo[3] page or documentation on there.

[1] http://www.trl.ibm.com/projects/security/ssp/main.html
[2] http://www.trl.ibm.com/projects/security/ssp/
[3] http://hardened.gentoo.org/

Brief documentation about SSP may be added to make.conf to get the
information to current users who won't read the install guide over
again. It may also be flashed on screen using 'einfo' after upgrading
portage for the next few stable versions; such a message would direct
the user to check out the comments in make.conf.example about CFLAGS and
-fstack-protector. This message would of course later be removed when
enough of the user base has seen it.


Phase 2: Gather Information

If SSP becomes popular, then a lot of users will be compiling from Stage
1. Because SSP is off by default, Stage 2 and 3 will not be protected.

The Gentoo developers would need to find out if most users on given
archs were using and satisfied with SSP. It would also be important to
know if these users were using Stage 1 instead of 2 or 3 for this reason.

When polling users, remember that NEUTRALS DO NOT COUNT. If you have 20
people who don't want SSP, 20 that want it, and 400 that don't care, you
have a 50/50 split. Similarly, if you have 35 that want SSP, 5 that
don't, and 400 that don't care, you have only 1/8 objection and 7/8 for.
It works the other way too.


Phase 3: Deployment

If the information gathered in (Phase 2) displays that a significant
portion of the user base uses SSP, and especially if they forego Stage 2
or 3 in favor of Stage 1 just for SSP, then steps to enhance deployment
should be taken. Stage 2 and 3 tarballs should be released with
-fstack-protector in CFLAGS, and with all contained, pre-built programs
compiled -fstack-protector.

Non-SSP stages may or may not be phased out eventually if this happens.
If this process evolves Gentoo into a state where it is acknowledged
that most non-neutral users want SSP, then the non-ssp stages will
vanish, and GRP packages may possibly become SSP-enabled as well.

If the facts show that most people are dissatisfied with or flat out
against SSP, then (Phase 3) will never occur.


Phase 3 is essentially "giving the users what they want" based on Phase
2 ("finding out what the users want"). It's justified because users can
still go without SSP if you do this, but it'd be more difficult. You
make it *easier* for *most* users to get what they want, but leave it
*possible* for the minority to change it back. Which is which is to be
determined.

--
All content of all messages exchanged herein are left in the
Public Domain, unless otherwise explicitly stated.

|
95 |
-- |
96 |
gentoo-dev@g.o mailing list |
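Phase 3 of the proposal above asks that every pre-built program in the stage tarballs be compiled with -fstack-protector. The script below is an added check for exactly that claim, written for this edit and not taken from the thread or from Gentoo's own tooling: it walks an unpacked stage tree and reports ELF executables and shared objects that carry no reference to __stack_chk_fail, the helper every SSP-instrumented function calls when its canary is clobbered. It assumes Linux/ELF binaries that keep their dynamic symbol table (a fully stripped static binary cannot be judged this way) and treats binutils' readelf as optional.

```shell
#!/bin/sh
# Added example, not from the gentoo-dev thread or Gentoo's tooling:
# report binaries in a stage tree that were not built with -fstack-protector.
# SSP-instrumented functions call __stack_chk_fail on canary mismatch, so a
# binary with no reference to that symbol has no protected function at all.
# Assumptions: ELF binaries, dynamic symbol table present, readelf optional.

# ssp_status FILE -> prints "ssp" or "no-ssp"
ssp_status() {
    f="$1"
    if command -v readelf >/dev/null 2>&1; then
        # Symbol-table check (.dynsym for dynamic, .symtab for unstripped
        # static binaries); avoids false positives from strings in .rodata.
        if readelf -s -W "$f" 2>/dev/null | grep -q '__stack_chk_fail'; then
            echo ssp
        else
            echo no-ssp
        fi
    elif grep -a -q '__stack_chk_fail' "$f"; then
        # No binutils: fall back to scanning the raw string tables.
        echo ssp
    else
        echo no-ssp
    fi
}

# audit_tree DIR -> prints one "UNPROTECTED: path" line per owner-executable
# file or shared object that lacks stack-protector instrumentation.
audit_tree() {
    find "$1" -type f \( -perm -100 -o -name '*.so*' \) | while IFS= read -r f; do
        # Only ELF objects (magic 0x7f 'E' 'L' 'F') are worth inspecting;
        # shell scripts and data files in the tree are skipped.
        head -c 4 "$f" 2>/dev/null | grep -a -q 'ELF' || continue
        if [ "$(ssp_status "$f")" = no-ssp ]; then
            echo "UNPROTECTED: $f"
        fi
    done
}

# Usage: audit_tree /mnt/gentoo    (after unpacking a stage tarball there)
```

An empty report means every ELF object in the tree references __stack_chk_fail; it does not prove every function was instrumented, since plain -fstack-protector only guards functions with character arrays of at least the SSP buffer size.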