Probably you could check whether SSP-related code exists in functions that don't have
character arrays (AFAIK this is the difference between -fstack-protector
(doesn't protect them) and -fstack-protector-all). gdb could be your friend.

2010/7/1 Radoslaw Madej <radegand@××.pl>

> On Thursday 01 July 2010 09:16:17 you wrote:
> > Hi, I think it's a bad day to make comparisons with hardened gentoo.
> >
> > Hardened gentoo traditionally doesn't use only -fstack-protector as
> > ubuntu does and some others, it uses -fstack-protector-all
> > everywhere it could. It's an important difference. I think that the
> > actual ssp bug in the last version isn't representative of what
> > hardened gentoo does (it's a bug, an exception). It has always shipped
> > -fstack-protector-all everywhere.
>
> Hi,
> Thanks for all the feedback :)
>
> Javier: good point, I haven't really considered the differences between the
> use of fstack-protector and fstack-protector-all - maybe something to do in
> the future. Would there be a way to find out which option was used on a given
> binary 'post mortem'? (read: after compilation? ;))
>
> Regards,
> Radek Madej
>
> >
> > 2010/7/1 Radoslaw Madej <radegand@××.pl>
> >
> > > Hi guys,
> > >
> > > I convinced the company I work for to allow me to spend some time on
> > > reviewing different security aspects of Linux OS and different distros.
> > > As it also involves Gentoo Hardened (which I also happily use on a daily
> > > basis), I thought I'd share. :)
> > >
> > > http://labs.mwrinfosecurity.com/projectdetail.php?project=13&view=news
> > >
> > > There should be more to come in the near future. Any feedback appreciated
> > > :)
> > >
> > > Thanks to all hardened-dev for making the Hardened Gentoo happen! :)
> > > Regards,
> > > Radek Madej
>
>
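
One way to run the check suggested in the reply at the top of this message, as an added example that is not part of the original thread: count how many functions in `objdump -d` output reference `__stack_chk_fail`. It assumes an unstripped binary; the sample disassembly, the function names in it and the list of startup helpers to skip are constructed for illustration, and the result is a heuristic, not proof of the flag used.

```python
import re

# Constructed sample: trimmed `objdump -d` output for a hypothetical binary.
SAMPLE = """\
Disassembly of section .plt:

0000000000401030 <__stack_chk_fail@plt>:
  401030:	ff 25 e2 2f 00 00    	jmp    *0x2fe2(%rip)

Disassembly of section .text:

0000000000401136 <add>:
  401136:	8d 04 37             	lea    (%rdi,%rsi,1),%eax
  401139:	c3                   	ret

0000000000401140 <copy_name>:
  401140:	64 48 8b 04 25 28 00 	mov    %fs:0x28,%rax
  401160:	e8 cb fe ff ff       	call   401030 <__stack_chk_fail@plt>
  401165:	c3                   	ret
"""

SECTION = re.compile(r"^Disassembly of section (\S+):$")
HEADER = re.compile(r"^[0-9a-f]+ <([^>]+)>:$")
# Assumption: these startup helpers come from prebuilt crt objects, so they
# say nothing about the flags the program itself was compiled with.
CRT = {"_start", "frame_dummy", "register_tm_clones", "deregister_tm_clones",
       "__do_global_dtors_aux", "__libc_csu_init", "__libc_csu_fini"}

def ssp_coverage(disasm):
    """Return (protected, total) for .text functions referencing __stack_chk_fail."""
    funcs, section, current = {}, None, None
    for line in disasm.splitlines():
        if (m := SECTION.match(line)):
            section, current = m.group(1), None
        elif (m := HEADER.match(line)):
            name = m.group(1)
            current = name if section == ".text" and name not in CRT else None
            if current:
                funcs[current] = False
        elif current and "__stack_chk_fail" in line:
            funcs[current] = True  # canary check present in this function
    return sum(funcs.values()), len(funcs)

def classify(disasm):
    protected, total = ssp_coverage(disasm)
    if protected == 0:
        return "no SSP code found"
    if protected == total:
        return "consistent with -fstack-protector-all"
    return "consistent with -fstack-protector"
```

On a real binary, pass the text of `objdump -d ./binary` to `classify`; functions marked to skip the protector or hand-written assembly can lower the count even in a `-fstack-protector-all` build.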