1 |
On Thursday 01 July 2010 09:16:17 you wrote: |
2 |
> Hi, I think it's a bad day to make comparisons with hardened gentoo. |
3 |
> |
4 |
> Hardened gentoo traditionally doesn't use only -fstack-protector as |
5 |
> ubuntu does and some others, it use -fstack-protector-all in |
6 |
> everywhere it could. It's an important difference. I think that the |
7 |
> actually ssp bug in the last version isn't representative of what |
8 |
> hardened gentoo does (it's a bug, an exception). It has always shipped |
9 |
> -fstack-protector-all everywhere. |
10 |
|
11 |
Hi, |
12 |
Thanks for all the feedback :) |
13 |
|
14 |
Javier: good point, I haven't really considered the differences between the |
15 |
use of fstack-protector and fstack-protector-all - maybe something to do in |
16 |
the future. Would there be a way to find out which option was used on a given |
17 |
binary 'post mortem'? (read: after compilation? ;)) |
18 |
|
19 |
Regards, |
20 |
Radek Madej |
21 |
|
22 |
> |
23 |
> 2010/7/1 Radoslaw Madej <radegand@××.pl> |
24 |
> |
25 |
> > Hi guys, |
26 |
> > |
27 |
> > I convinced the company I work for to allow me to spend some time on |
28 |
> > reviewing different security aspects of Linux OS and different distros. |
29 |
> > As it also involves Gentoo Hardened (which I also happily use on a daily |
30 |
> > basis), I thought I'd share. :) |
31 |
> > |
32 |
> > http://labs.mwrinfosecurity.com/projectdetail.php?project=13&view=news |
33 |
> > |
34 |
> > There should be more to come in a near future. Any feedback appreciated |
35 |
> > :) |
36 |
> > |
37 |
> > Thanks to all hardened-dev for making the Hardened Gentoo happen! :) |
38 |
> > Regards, |
39 |
> > Radek Madej |