1 |
Ciaran McCreesh wrote: |
2 |
|
3 |
> Eh, whatever. It seems that certain people are obsessed with screwing |
4 |
> over our users by default for little gain, and somehow have this strange |
5 |
> notion that anything which has the word security in it is suddenly of |
6 |
> vital importance at the expense of absolutely everything else. |
7 |
> |
8 |
> But hey, it's 'security', so it must be right! *sigh* |
9 |
|
10 |
No, security is just a trade-off. You evaluate a specific countermeasure |
11 |
based on what you're trying to protect, how the solution mitigates that |
12 |
risk, what other risks it creates and what other trade-offs it requires. |
13 |
|
14 |
Here you're trying to protect your computer from being abused, be it for |
15 |
the information is contains (get information about you) or the computing |
16 |
power it offers (host porn or send spam with your resources). Overflows |
17 |
represent a significant percentage of attack vectors, and most of them |
18 |
are prevented using the SSP "band-aid", pending a thorough audit of all |
19 |
software used. What other risks does it create ? None significant I can |
20 |
think of. What other trade-offs does it require ? A slight performance |
21 |
hit and SSP compatibility bugs entering bugzilla. |
22 |
|
23 |
So is it worth it ? It obviously depends on you. I would say yes, not |
24 |
because there is the word 'security' on it, but because my analysis |
25 |
tells me that the slight performance hit is worth the added security, |
26 |
and I think we can support SSP specific bugs. You would say no. |
27 |
|
28 |
-- |
29 |
Koon |
30 |
Gentoo Linux Security Team |