| 1 |
On Wednesday 22 September 2004 10:08 pm, Ciaran McCreesh wrote: |
| 2 |
> The hack is in trying to get the compiler to make broken code safe, |
| 3 |
> rather than properly auditing code. SSP does not fix broken code, it's |
| 4 |
> just duct tape. |
| 5 |
|
| 6 |
no one said it was the end-all solution, or even the perfect solution |
| 7 |
|
| 8 |
it's a proactive security feature that has been proven to be a HELL of a lot |
| 9 |
better than nothing at all |
| 10 |
|
| 11 |
you know for a fact that your services out there have bugs; rather than taking |
| 12 |
a fatalistic approach and going 'well i done be fucked', you use solutions |
| 13 |
like stack protector to decrease the affect these bugs will have on your |
| 14 |
systems |
| 15 |
|
| 16 |
is it duct tape ? maybe, but you know what ? duct tape does a great job of |
| 17 |
holding things together until proper solutions are developed ... |
| 18 |
-mike |
| 19 |
|
| 20 |
-- |
| 21 |
gentoo-dev@g.o mailing list |
Archives