| 1 |
-----BEGIN PGP SIGNED MESSAGE----- |
| 2 |
Hash: SHA1 |
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
Ciaran McCreesh wrote: |
| 7 |
| On Wed, 22 Sep 2004 11:54:55 -0400 John Richard Moser |
| 8 |
| <nigelenki@×××××××.net> wrote: |
| 9 |
|
| 10 |
[...] |
| 11 |
|
| 12 |
| Personally, I don't see the point in an ugly hack which occasionally |
| 13 |
| sort of protects you from badly written code... The option's there for |
| 14 |
|
| 15 |
wtf? It's been around for what, 6 years almost? Sure, C doesn't do |
| 16 |
bounds checking, so this is technically a hack; but it's a very planned |
| 17 |
out, structured hack with specific goals. Compiler optimizations are |
| 18 |
more of a hack; they rearrange and change your code around to make it |
| 19 |
run faster. |
| 20 |
|
| 21 |
Your use of 'occasionally' is blatantly misleading. Unless I'm |
| 22 |
misremembering this, CERT has been getting more and more reports of |
| 23 |
programs with buffer overflow based vulnerabilities each year. I |
| 24 |
thought it was up to something like 2000-3000 per year nowadays. Last I |
| 25 |
looked there were about 170 format string based vulnerabilities. I'm |
| 26 |
sure there's other types, but aside from good old retarded design (i.e. |
| 27 |
automatically executing scripts from untrusted sources as root by |
| 28 |
default), I haven't heard of them. IANASE. |
| 29 |
|
| 30 |
Vulnerabilities are 'occasionally' found, but of the lot of them, a good |
| 31 |
chunk is protected from with this. Not all, but a lot. The overhead |
| 32 |
from this is very minimal; and the proposal was only to implement it in |
| 33 |
the most vulnerable places. It's usually not obviously visible even if |
| 34 |
implemented system-wide; at least, not until somebody overflows |
| 35 |
something and it aborts instead of giving them a shell. |
| 36 |
|
| 37 |
Have you read the paper Etoh and Yoda wrote on SSP? |
| 38 |
http://www.trl.ibm.com/projects/security/ssp/main.html It's very |
| 39 |
enlightening. |
| 40 |
|
| 41 |
| anyone who really wants it, but we tend more towards a "turn most things |
| 42 |
| off unless the user asks for them" approach, hence the relatively low |
| 43 |
| number of things turned on in the default USE settings. |
| 44 |
|
| 45 |
Well then leave it turned off, but put a note about the availability of |
| 46 |
the feature in the comments above FEATURES= in make.conf. |
| 47 |
|
| 48 |
| |
| 49 |
| | Any comments? Would this be more suitable as a USE or a FEATURES |
| 50 |
| | setting? |
| 51 |
| |
| 52 |
| FEATURES, not USE. |
| 53 |
| |
| 54 |
|
| 55 |
- -- |
| 56 |
All content of all messages exchanged herein are left in the |
| 57 |
Public Domain, unless otherwise explicitly stated. |
| 58 |
|
| 59 |
-----BEGIN PGP SIGNATURE----- |
| 60 |
Version: GnuPG v1.2.6 (GNU/Linux) |
| 61 |
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org |
| 62 |
|
| 63 |
iD4DBQFBUesPhDd4aOud5P8RAt1OAJjySIXem4RXzdJ01iVAvyTfjw/XAJ4wW8Yc |
| 64 |
IgmuKFSm88Q2C/tOVEVzFQ== |
| 65 |
=5dfk |
| 66 |
-----END PGP SIGNATURE----- |
| 67 |
|
| 68 |
-- |
| 69 |
gentoo-dev@g.o mailing list |
Archives