On Fri, 2004-04-23 at 16:17, Travis Tilley wrote:

snipped for sanity of the people being added to the CC:
...
..
.

Wise man said careful what one rants about..

> to backpedal a bit: SSP. why is this forced onto all users of all archs
> regardless of whether or not they intend to use SSP?

It's in __libc_start_main() because that's where it needs to be.
If its symbols were moved out of there then we are looking at reopening
a lot of bugs that are currently resolved because of it being in glibc vs
libgcc_s.

We are not the only distribution that does this, we were just the
first Linux distribution ;-)

We are talking about 3 symbols here.
All of which if we really needed to could be worked around rather
trivially. Something like so if we ever wanted to remove it. But I
HIGHLY recommend we not even try to explore this avenue at this time.

unsigned long __guard;
void __stack_smash_handler() {}
void __guard_setup() {}

Do these symbols keep you up at night?

..

> I don't really like this.
> I'd suggest a "nossp" USE flag, but at this point that isn't even possible!
> any removal of SSP from glibc will cause every single application on every
> single gentoo install to break horribly with errors about missing
> __guard@glibc.

Are you so sure of this?
I was not aware that a dependency on the guard
would be there unless you were actually using -fstack-protector or
-fno-stack-protector-all.

Please provide me with a valid test case that proves otherwise.
Allow me to demonstrate in a simple example.

solar@simple c $ cat main.c
int main(int argc, char **argv) { return 0; }

# Without ssp enabled.
solar@simple c $ gcc -fno-stack-protector main.c -o main
solar@simple c $ nm main | grep guard

# And with ssp.
solar@simple c $ gcc -fstack-protector-all main.c -o main
solar@simple c $ nm main | grep guard
U __guard@@GLIBC_2.3.2

> we are now dependent on it and can never move away without
> some seriously hardcore pain. also,

Is there a valid reason to move away from it?

Does anything else allow us to offer multi arch compiler technologies
(pointer, function verification) for our binaries that stands up on
its technical merits as high as ssp without a serious performance hit?

Do the research and you will probably come to the same conclusion as
many of us have.. period point blank it rocks our socks off for prevention
of ret2libc attacks but it's not limited to just that.

http://www.ida.liu.se/~johwi/research_publications/paper_ndss2003_john_wilander.pdf
http://www.securityfocus.com/archive/1/269246

> it might be a bit more of a concern for
> embedded system users who might need to use a libc other than glibc and start
> off using non-static apps linked against glibc...

Peter S. Mazinger has already put this support together for uClibc.
In short it's not really a problem at all for embedded systems.
If and when we get a report of somebody having problems with say
dietlibc then it's no problem to patch the stubs in there as well.

Got *libc ssp problems? Come talk to the doctor.

> but i'm not really familiar
> with embedded.

> there are probably many more issues here that i just haven't
> realised yet, but for what reason were we pushed into this?

Well documented in our bugzilla..
Have a peek some time, search in the FIXED!

>
> Travis Tilley <lv@g.o>
> Gentoo/AMD64 Developer
>
> --
> gentoo-dev@g.o mailing list
--
Ned Ludd <solar@g.o>
Gentoo Linux Developer
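
Added example, not part of the original message or of any Gentoo tooling: the "nm main | grep guard" check from the message above, generalized into a shell helper that reads nm output and reports whether an object needs SSP symbols from libc or provides them. The nm listings are constructed samples, the function names are hypothetical, and __stack_chk_fail / __stack_chk_guard are the symbol names used by later GCC and glibc releases, which the thread does not mention.

```shell
#!/bin/sh
# Constructed nm listings: an SSP-built binary, a plain binary, and a libc
# that carries the three symbols named in the message.
SAMPLE_SSP='         U __guard@@GLIBC_2.3.2
         U __libc_start_main@@GLIBC_2.0
080483c4 T main'
SAMPLE_PLAIN='         U __libc_start_main@@GLIBC_2.0
080483a4 T main'
SAMPLE_LIBC='0011a2c0 B __guard
00015d40 T __guard_setup
00015e10 T __stack_smash_handler'

# ssp_refs: read nm output on stdin and print "<kind> <symbol>" for each SSP
# symbol, where kind is "needs" (undefined, type U) or "provides" (defined).
ssp_refs() {
    awk '
    {
        # Defined symbols print as "<addr> <type> <name>", undefined ones
        # as "<type> <name>".
        if (NF == 3)      { type = $2; name = $3 }
        else if (NF == 2) { type = $1; name = $2 }
        else next
        sub(/@.*/, "", name)   # drop the symbol version, e.g. @@GLIBC_2.3.2
        if (name !~ /^(__guard|__guard_setup|__stack_smash_handler|__stack_chk_fail|__stack_chk_guard)$/) next
        print ((type == "U") ? "needs" : "provides"), name
    }' | LC_ALL=C sort -u
}

# ssp_verdict: print "ssp" if the object has an undefined reference to any
# SSP symbol (it would fail to link or load against a libc without them),
# otherwise print "no-ssp".
ssp_verdict() {
    if ssp_refs | grep -q '^needs '; then echo ssp; else echo no-ssp; fi
}

# Stand-alone run over the constructed samples.
printf '%s\n' "$SAMPLE_SSP"   | ssp_verdict
printf '%s\n' "$SAMPLE_PLAIN" | ssp_verdict
printf '%s\n' "$SAMPLE_LIBC"  | ssp_refs
```

On a real system, feed it "nm binary" output, or "nm -D binary" for stripped binaries and shared libraries.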