On Fri, Jul 16, 2004 at 05:30:44PM +0200, Thomas Sj?gren wrote: > PaX support in binutils and SSP compiled packages are two very nice > things to have. The problem at this moment is that you cant have > both at the same time at this moment. > > Using for example Steve Kemp's GCC w SSP[1], binutils comes compiled with > SSP. If you then installs Petersen's binutils with PaX patch[2] Kemp's > version of binutils gets uninstalled. Whilst I've not tried this it seems believable. I guess to have them both would be a good idea, I will see if it's simple to do and if so I'll look at sharing a binary. > This isn't odd, but it's pretty annoying because, imo, both PaX and SSP > should be pretty much standard. Agreed. Although it looks like SSP will not be part of GCC ever, instead `mudflap` will be used in GCC v3.5. (I only learned of this today, and so far know little of it. It seems to be a generalised bounds checking patch - google has details but not enough for me to understand it yet). > Setting up a third repository seemd kind of ridiculous only to provide > these packages with both SSP and PaX, so is there any plans to coordinate this > kind of things and set up a centralized repository for patches like SSP > and PaX? I've been looking for a host with the bandwidth and capacity to act as an SSP build machine for a while now. I've had various offers but they have all sadly fallen through. Steve -- # The Debian Security Audit Project. http://www.debian.org/security/audit
Attachment:
pgpCX43Fzv2Yj.pgp
Description: PGP signature