1 |
What about the hardened and pic USE flags in the hardened profile? Are |
2 |
those still of use? |
3 |
|
4 |
Also, is there a way to test ssp functionality against return to |
5 |
function (memcpy and strcpy) ? |
6 |
|
7 |
On 10/23/07, Ned Ludd <solar@g.o> wrote: |
8 |
> On Tue, 2007-10-23 at 16:55 -0600, Matt Poletiek wrote: |
9 |
> > So if im reading the docs correctly do I need -fstack-protector-all |
10 |
> > and -fstack-protector in my CFLAGS to take advantage of ssp? |
11 |
> > |
12 |
> > According to the docs it should be default in the hardened profile? I |
13 |
> > just need the hardened and pic USE flags right? |
14 |
> |
15 |
> Correct. no need to muck with CFLAGS at all. |
16 |
> CFLAGS="-O2 -pipe" go... |
17 |
> |
18 |
> > |
19 |
> > On 10/23/07, pageexec@××××××××.hu <pageexec@××××××××.hu> wrote: |
20 |
> > > On 23 Oct 2007 at 21:03, Javier Martínez wrote: |
21 |
> > > |
22 |
> > > > 2007/10/23, Matt Poletiek <chill550@×××××.com>: |
23 |
> > > > > Any idea why when I add -fstack-protector-all and -fstack-protector to |
24 |
> > > > > CFLAGS paxtest still compiles with -fno-stack-protector |
25 |
> > > > > -fno-stack-protector-all ? |
26 |
> > > > > |
27 |
> > > > I think ssp is disabled in the Makefile. Look at there. Please take |
28 |
> > > > note that (in my opinion) paxtest should only demonstrate how pax |
29 |
> > > > works, not how ssp does. |
30 |
> > > |
31 |
> > > correct, ssp is disabled on purpose. |
32 |
> > > |
33 |
> > > -- |
34 |
> > > gentoo-hardened@g.o mailing list |
35 |
> > > |
36 |
> > > |
37 |
> > |
38 |
> > |
39 |
> > -- |
40 |
> > Matthew Poletiek |
41 |
> > www.chill-fu.net |
42 |
> -- |
43 |
> Ned Ludd <solar@g.o> |
44 |
> Gentoo Linux |
45 |
> |
46 |
> -- |
47 |
> gentoo-hardened@g.o mailing list |
48 |
> |
49 |
> |
50 |
|
51 |
|
52 |
-- |
53 |
Matthew Poletiek |
54 |
www.chill-fu.net |
55 |
-- |
56 |
gentoo-hardened@g.o mailing list |