1 |
-----BEGIN PGP SIGNED MESSAGE----- |
2 |
Hash: SHA1 |
3 |
|
4 |
|
5 |
|
6 |
Ciaran McCreesh wrote: |
7 |
| On Wed, 22 Sep 2004 11:54:55 -0400 John Richard Moser |
8 |
| <nigelenki@×××××××.net> wrote: |
9 |
|
10 |
[...] |
11 |
|
12 |
| Personally, I don't see the point in an ugly hack which occasionally |
13 |
| sort of protects you from badly written code... The option's there for |
14 |
|
15 |
wtf? It's been around for what, 6 years almost? Sure, C doesn't do |
16 |
bounds checking, so this is technically a hack; but it's a very planned |
17 |
out, structured hack with specific goals. Compiler optimizations are |
18 |
more of a hack; they rearrange and change your code around to make it |
19 |
run faster. |
20 |
|
21 |
Your use of 'occasionally' is blatantly misleading. Unless I'm |
22 |
misremembering this, CERT has been getting more and more reports of |
23 |
programs with buffer overflow based vulnerabilities each year. I |
24 |
thought it was up to something like 2000-3000 per year nowadays. Last I |
25 |
looked there were about 170 format string based vulnerabilities. I'm |
26 |
sure there's other types, but aside from good old retarded design (i.e. |
27 |
automatically executing scripts from untrusted sources as root by |
28 |
default), I haven't heard of them. IANASE. |
29 |
|
30 |
Vulnerabilities are 'occasionally' found, but of the lot of them, a good |
31 |
chunk is protected from with this. Not all, but a lot. The overhead |
32 |
from this is very minimal; and the proposal was only to implement it in |
33 |
the most vulnerable places. It's usually not obviously visible even if |
34 |
implemented system-wide; at least, not until somebody overflows |
35 |
something and it aborts instead of giving them a shell. |
36 |
|
37 |
Have you read the paper Etoh and Yoda wrote on SSP? |
38 |
http://www.trl.ibm.com/projects/security/ssp/main.html It's very |
39 |
enlightening. |
40 |
|
41 |
| anyone who really wants it, but we tend more towards a "turn most things |
42 |
| off unless the user asks for them" approach, hence the relatively low |
43 |
| number of things turned on in the default USE settings. |
44 |
|
45 |
Well then leave it turned off, but put a note about the availability of |
46 |
the feature in the comments above FEATURES= in make.conf. |
47 |
|
48 |
| |
49 |
| | Any comments? Would this be more suitable as a USE or a FEATURES |
50 |
| | setting? |
51 |
| |
52 |
| FEATURES, not USE. |
53 |
| |
54 |
|
55 |
- -- |
56 |
All content of all messages exchanged herein are left in the |
57 |
Public Domain, unless otherwise explicitly stated. |
58 |
|
59 |
-----BEGIN PGP SIGNATURE----- |
60 |
Version: GnuPG v1.2.6 (GNU/Linux) |
61 |
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org |
62 |
|
63 |
iD4DBQFBUesPhDd4aOud5P8RAt1OAJjySIXem4RXzdJ01iVAvyTfjw/XAJ4wW8Yc |
64 |
IgmuKFSm88Q2C/tOVEVzFQ== |
65 |
=5dfk |
66 |
-----END PGP SIGNATURE----- |
67 |
|
68 |
-- |
69 |
gentoo-dev@g.o mailing list |