[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Introducing security hardening features for Lenny



On Tue, Jan 29, 2008 at 09:48:43PM +0000, William Pitcock wrote:
> On Tue, 2008-01-29 at 22:37 +0100, Pierre Habouzit wrote:
> > On Tue, Jan 29, 2008 at 09:16:24PM +0000, Moritz Muehlenhoff wrote:
> > > Fortify Source
> > > ==============
> > > 
> > > This feature adds validation for internal C functions such as strcpy
> > > for buffer sizes known during compile time. While vulnerabilities in
> > > the functions it protects have become uncommon in high-profile apps,
> > > it will be useful for fringe packages we have in the archive.
> > > 
> > > This feature is present in glibc since version 2.5, and is enabled
> > > through the use of "-D_FORTIFY_SOURCE=2" and "-O2" or higher.
> > > 
> > 
> >   Well, -D_FORTIFY_SOURCE=2 is a severe performance loss in many
> > applications, and I wouldn't recommend activating it by default. =1 has
> > not the drawback with that regard though, but is less useful security
> > wise (though it catch many programmatic issues, and full archive rebuild
> > with -D_FORTIFY_SOURCE=1 would be worthwile independently of this).
> > 
> 
> Out of curiosity, what applications in particular does
> -D_FORTIFY_SOURCE=2 cause issues in? It may be worthwhile to profile
> this feature and correct it's behaviour if the performance loss is that
> big of a deal.

  Basically any application that uses memcpy/memmove and some other
common <string.h> functions heavily.

-- 
·O·  Pierre Habouzit
··O                                                madcoder@debian.org
OOO                                                http://www.madism.org

Attachment: pgpJaHHJrDjBt.pgp
Description: PGP signature


Reply to: