Stack-smashing protection

To: debian-security@lists.debian.org
Subject: Stack-smashing protection
From: Albert Cervera Areny <albertca@jazzfree.com>
Date: Fri, 6 Dec 2002 21:29:08 +0100
Message-id: <200212062129.08591.albertca@jazzfree.com>

I've read in slashdot 
(http://bsd.slashdot.org/article.pl?sid=02/12/02/2035207) that openbsd has 
included stack-smashing protection using the ProPolice 
(http://www.trl.ibm.com/projects/security/ssp/) patch for GCC 3.2

I think it would be a great idea to use this patch with debian too as soon as 
gcc becomes the compiler by default. Protecting the entire system from this 
kind of bugs would really be a great security step forward. Would somebody 
make some kind of statistics of how many of this year's bugs wouldn't have 
made the system vulnerable with this patch?

Though there is about of 8% performane overhead I think it is worth using 
this. And more now that gcc makes programs about 8% faster ;-)

Reply to:

Follow-Ups:
- Re: Stack-smashing protection
  - From: Thing <thing@katrina.thing.dyndns.org>
- Re: Stack-smashing protection
  - From: martin f krafft <madduck@debian.org>
- Re: Stack-smashing protection
  - From: Gustavo Franco <stratus@legolas.alternex.com.br>

Prev by Date: Re: pop mail recommendations
Next by Date: Re: Stack-smashing protection
Previous by thread: Re: pop mail recommendations
Next by thread: Re: Stack-smashing protection
Index(es):
- Date
- Thread