DragonFly BSD
DragonFly kernel List (threaded) for 2003-12
[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]

Re: propolice for GCC?

From: Matthew Dillon <dillon@xxxxxxxxxxxxxxxxxxxx>
Date: Tue, 9 Dec 2003 11:49:51 -0800 (PST)

:> The follow up to building with propolice.  A make buildlworld,
:> buildkernel, installworld, install kernel worked just fine, although I
:> didn't not modify the string that GCC returns (since cc uses built in
:> specs) so see that propolice was built correctly.  I'm rebuilding the
:> system again.
:I've finished building my system twice now and it does seem to be stable 
:with the propolice patch.  The only (lame) way I can tell that the stack 
:guard is in places comes from strings(1).
:	neptune# strings /kernel |grep smash
:	__stack_smash_handler
:	neptune#

    This looks good, Ryan.  I am patching it in now and testing it (by
    looking at the assembly output).  I think it is an important
    addition to GCC that cuts out a very common attack vector.

    Since they suppor both GCC 2.9x and 3.x I think we can safely commit
    it to the DFly tree once some moderate testing has been completed.

					Matthew Dillon 

[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]