| 1 |
What about the hardened and pic USE flags in the hardened profile? Are |
| 2 |
those still of use? |
| 3 |
|
| 4 |
Also, is there a way to test ssp functionality against return to |
| 5 |
function (memcpy and strcpy) ? |
| 6 |
|
| 7 |
On 10/23/07, Ned Ludd <solar@g.o> wrote: |
| 8 |
> On Tue, 2007-10-23 at 16:55 -0600, Matt Poletiek wrote: |
| 9 |
> > So if im reading the docs correctly do I need -fstack-protector-all |
| 10 |
> > and -fstack-protector in my CFLAGS to take advantage of ssp? |
| 11 |
> > |
| 12 |
> > According to the docs it should be default in the hardened profile? I |
| 13 |
> > just need the hardened and pic USE flags right? |
| 14 |
> |
| 15 |
> Correct. no need to muck with CFLAGS at all. |
| 16 |
> CFLAGS="-O2 -pipe" go... |
| 17 |
> |
| 18 |
> > |
| 19 |
> > On 10/23/07, pageexec@××××××××.hu <pageexec@××××××××.hu> wrote: |
| 20 |
> > > On 23 Oct 2007 at 21:03, Javier Martínez wrote: |
| 21 |
> > > |
| 22 |
> > > > 2007/10/23, Matt Poletiek <chill550@×××××.com>: |
| 23 |
> > > > > Any idea why when I add -fstack-protector-all and -fstack-protector to |
| 24 |
> > > > > CFLAGS paxtest still compiles with -fno-stack-protector |
| 25 |
> > > > > -fno-stack-protector-all ? |
| 26 |
> > > > > |
| 27 |
> > > > I think ssp is disabled in the Makefile. Look at there. Please take |
| 28 |
> > > > note that (in my opinion) paxtest should only demonstrate how pax |
| 29 |
> > > > works, not how ssp does. |
| 30 |
> > > |
| 31 |
> > > correct, ssp is disabled on purpose. |
| 32 |
> > > |
| 33 |
> > > -- |
| 34 |
> > > gentoo-hardened@g.o mailing list |
| 35 |
> > > |
| 36 |
> > > |
| 37 |
> > |
| 38 |
> > |
| 39 |
> > -- |
| 40 |
> > Matthew Poletiek |
| 41 |
> > www.chill-fu.net |
| 42 |
> -- |
| 43 |
> Ned Ludd <solar@g.o> |
| 44 |
> Gentoo Linux |
| 45 |
> |
| 46 |
> -- |
| 47 |
> gentoo-hardened@g.o mailing list |
| 48 |
> |
| 49 |
> |
| 50 |
|
| 51 |
|
| 52 |
-- |
| 53 |
Matthew Poletiek |
| 54 |
www.chill-fu.net |
| 55 |
-- |
| 56 |
gentoo-hardened@g.o mailing list |
Archives