| 1 |
--- Adam James <atj@××××××××××××××.uk> wrote: |
| 2 |
|
| 3 |
> > the "trouble" you're referring to should happen if |
| 4 |
> one |
| 5 |
> > has glibc-2.4.x. or later, am I right? |
| 6 |
> |
| 7 |
> Yes. |
| 8 |
|
| 9 |
Thank you. |
| 10 |
|
| 11 |
> You need to use gcc-3.4.x for a fully hardened |
| 12 |
> system, as it is the |
| 13 |
> only version to currently support PIE and SSP |
| 14 |
|
| 15 |
well, after installing from 2006.1 and doing an emerge |
| 16 |
system (emptytree) after selecting gcc-3.4, the system |
| 17 |
seems to be ok (no emerge errors except for "make" |
| 18 |
package which I emerged seperately and then re-emerged |
| 19 |
system). |
| 20 |
So now I have glibc-2.3.6-r5 and |
| 21 |
gcc 3.4.6 (Gentoo Hardened 3.4.6-r2, ssp-3.4.6-1.0, |
| 22 |
pie-8.7.10) |
| 23 |
|
| 24 |
I don't know why the forum post I referred to had the |
| 25 |
glibc emerge error and I didn't even though we used |
| 26 |
the same install CD (the stage, portage and sync |
| 27 |
apparently made the difference). |
| 28 |
|
| 29 |
Anyway, as this is my first "hardening" experience I |
| 30 |
will have to do some homework and see if my system is |
| 31 |
hard enough (apart from paxtest - which seems to be |
| 32 |
deprecated - I still wouldn't know how to test drive |
| 33 |
it). |
| 34 |
|
| 35 |
> Full hardened support for glibc-2.5 and gcc-4 should |
| 36 |
> make an appearance |
| 37 |
> with the release of 2007.0. |
| 38 |
|
| 39 |
Good news. |
| 40 |
|
| 41 |
Thanks again |
| 42 |
|
| 43 |
Vieri |
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
| 48 |
____________________________________________________________________________________ |
| 49 |
Looking for earth-friendly autos? |
| 50 |
Browse Top Cars by "Green Rating" at Yahoo! Autos' Green Center. |
| 51 |
http://autos.yahoo.com/green_center/ |
| 52 |
-- |
| 53 |
gentoo-hardened@g.o mailing list |
Archives