1 |
On Wednesday 22 September 2004 10:08 pm, Ciaran McCreesh wrote: |
2 |
> The hack is in trying to get the compiler to make broken code safe, |
3 |
> rather than properly auditing code. SSP does not fix broken code, it's |
4 |
> just duct tape. |
5 |
|
6 |
no one said it was the end-all solution, or even the perfect solution |
7 |
|
8 |
it's a proactive security feature that has been proven to be a HELL of a lot |
9 |
better than nothing at all |
10 |
|
11 |
you know for a fact that your services out there have bugs; rather than taking |
12 |
a fatalistic approach and going 'well i done be fucked', you use solutions |
13 |
like stack protector to decrease the affect these bugs will have on your |
14 |
systems |
15 |
|
16 |
is it duct tape ? maybe, but you know what ? duct tape does a great job of |
17 |
holding things together until proper solutions are developed ... |
18 |
-mike |
19 |
|
20 |
-- |
21 |
gentoo-dev@g.o mailing list |