1 |
Mike Frysinger wrote: |
2 |
> On Wednesday 11 May 2005 08:04 am, Rob Holland wrote: |
3 |
> > On Wed, May 11, 2005 at 10:51:18AM +0100, Pedro Venda wrote: |
4 |
> > > I'm left with a doubt: how to find out if some binary was compiled |
5 |
> > > with -fstack-protector gcc option? |
6 |
> > |
7 |
> > I think: nm /bin/foo|grep guard |
8 |
> > should tell you, if you see a guard symbol, it has ssp. |
9 |
> |
10 |
> nm doesnt always worked (it'll fail on stripped binaries), but `readelf > -s foo | grep guard` should work fine |
11 |
|
12 |
'__guard' would be better than 'guard', to avoid false positives. Personally I use '__stack_smash_handler' |
13 |
|
14 |
Kev. |
15 |
|
16 |
|
17 |
|
18 |
|
19 |
-- |
20 |
gentoo-hardened@g.o mailing list |