Re: Stack-smashing protection

To: debian-security@lists.debian.org
Subject: Re: Stack-smashing protection
From: Albert Cervera Areny <albertca@jazzfree.com>
Date: Sat, 7 Dec 2002 01:09:59 +0100
Message-id: <200212070109.59746.albertca@jazzfree.com>
In-reply-to: <200212062223.gB6MNUPF006470@katrina.thing.dyndns.org>
References: <200212062129.08591.albertca@jazzfree.com> <200212062223.gB6MNUPF006470@katrina.thing.dyndns.org>

Sorry, I didn't say it as it really is... 

"It shows an 8% overhead on function calls, which should be the upper bound on 
the real costs of running programs under this protection system. The overall 
overhead of guarded programs varies with how many functions are called that 
have character array. Figure 10 shows a program's name, its description, the 
number of functions declared, and the number of functions used with character 
arrays. In most cases, the usage of a character array is less than 10% of the 
functions. It isn't the same as the ratio of the number of functions 
executed, but there is a some correlation between them."

Some overhead examples are in the web page 
("http://www.trl.ibm.com/projects/security/ssp/node5.html#SECTION00051000000000000000";
quite a nice URL ;-)

Perl 4%
ctags 1%
impad 0%

So it isn't really that the hole system runs 8% slower. Sorry for my first 
explanation... Now I think it is an overhead which is afordable seeing its 
benefits.

A Friday 06 December 2002 23:13, Thing va escriure:
> 8% is a huge hit, by all means a module or an option, however I question
> its need as "standard". I would not want it there unless Im convinced it
> truely offers protection from a quantifiable risk. I dont want to see the
> kernel go the way of MS's kernel ,one huge bloated mess.
>
> Lets see some papers/justification for this item, it may not be needed in
> all situations.
>
> regards
>
> Thing
>
> On Sat, 07 Dec 2002 09:29, Albert Cervera Areny wrote:
> > I've read in slashdot
> > (http://bsd.slashdot.org/article.pl?sid=02/12/02/2035207) that openbsd
> > has included stack-smashing protection using the ProPolice
> > (http://www.trl.ibm.com/projects/security/ssp/) patch for GCC 3.2
> >
> > I think it would be a great idea to use this patch with debian too as
> > soon as gcc becomes the compiler by default. Protecting the entire system
> > from this kind of bugs would really be a great security step forward.
> > Would somebody make some kind of statistics of how many of this year's
> > bugs wouldn't have made the system vulnerable with this patch?
> >
> > Though there is about of 8% performane overhead I think it is worth using
> > this. And more now that gcc makes programs about 8% faster ;-)

Reply to:

Follow-Ups:
- Re: Stack-smashing protection
  - From: David B Harris <david@eelf.ddts.net>

References:
- Stack-smashing protection
  - From: Albert Cervera Areny <albertca@jazzfree.com>
- Re: Stack-smashing protection
  - From: Thing <thing@katrina.thing.dyndns.org>

Prev by Date: Re: Possible security violation in the suck-package?
Next by Date: Re: Stack-smashing protection
Previous by thread: Re: Stack-smashing protection
Next by thread: Re: Stack-smashing protection
Index(es):
- Date
- Thread