| 1 |
On Thursday 01 July 2010 09:16:17 you wrote: |
| 2 |
> Hi, I think it's a bad day to make comparisons with hardened gentoo. |
| 3 |
> |
| 4 |
> Hardened gentoo traditionally doesn't use only -fstack-protector as |
| 5 |
> ubuntu does and some others, it use -fstack-protector-all in |
| 6 |
> everywhere it could. It's an important difference. I think that the |
| 7 |
> actually ssp bug in the last version isn't representative of what |
| 8 |
> hardened gentoo does (it's a bug, an exception). It has always shipped |
| 9 |
> -fstack-protector-all everywhere. |
| 10 |
|
| 11 |
Hi, |
| 12 |
Thanks for all the feedback :) |
| 13 |
|
| 14 |
Javier: good point, I haven't really considered the differences between the |
| 15 |
use of fstack-protector and fstack-protector-all - maybe something to do in |
| 16 |
the future. Would there be a way to find out which option was used on a given |
| 17 |
binary 'post mortem'? (read: after compilation? ;)) |
| 18 |
|
| 19 |
Regards, |
| 20 |
Radek Madej |
| 21 |
|
| 22 |
> |
| 23 |
> 2010/7/1 Radoslaw Madej <radegand@××.pl> |
| 24 |
> |
| 25 |
> > Hi guys, |
| 26 |
> > |
| 27 |
> > I convinced the company I work for to allow me to spend some time on |
| 28 |
> > reviewing different security aspects of Linux OS and different distros. |
| 29 |
> > As it also involves Gentoo Hardened (which I also happily use on a daily |
| 30 |
> > basis), I thought I'd share. :) |
| 31 |
> > |
| 32 |
> > http://labs.mwrinfosecurity.com/projectdetail.php?project=13&view=news |
| 33 |
> > |
| 34 |
> > There should be more to come in a near future. Any feedback appreciated |
| 35 |
> > :) |
| 36 |
> > |
| 37 |
> > Thanks to all hardened-dev for making the Hardened Gentoo happen! :) |
| 38 |
> > Regards, |
| 39 |
> > Radek Madej |
Archives