Can the SSP patch work with FreeBSD 4.5-PRERELEASE?

-trev

On Fri, Jan 04, 2002 at 04:27:38AM -0500, Dominick LaTrappe wrote:
> > http://www.avayalabs.com/project/libsafe/index.html
> > I won't go into details of what this lib does or is since the url above has
> > all the information on it. I however was wondering since someone else had
> > asked, if there was any type of a lib or such in freebsd which attempts to
> > perform some of the functions that this seems to be attempting to do.
>
> No lib I know of, but there is SSP, the "Stack Smashing Protector," which
> is a cross-platform patch to GCC.
>
> http://www.trl.ibm.co.jp/projects/security/ssp/
>
> The author in May 2001 completed a FreeBSD-specific patch that lets you
> "make world" and even build the kernel with the protection, though I've
> only tested the former. Despite this, the FreeBSD camp has seemed
> none-too-interested in SSP.
>
> All of my FreeBSD boxes are full-SSP in userland. The patch applies
> cleanly to 4.4-STABLE. Everything runs smoothly (in-production coming on
> 8 months), the performance hit is minimal even with heavy database
> crunching, and buffer overflow exploits all seem to fail.
>
> ||| Dominick
>
>
> To Unsubscribe: send mail to majordomoFreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message

-- 
		Double Bucky
	(Sung to the tune of "Rubber Duckie")	
Double bucky, you're the one!
You make my keyboard lots of fun
	Double bucky, an additional bit or two:
(Vo-vo-de-o!)
Control and Meta side by side,
Augmented ASCII, nine bits wide!
	Double bucky, a half a thousand glyphs, plus a few!
Double bucky, left and right
OR'd together, outta sight!
	Double bucky, I'd like a whole word of
	Double bucky, I'm happy I heard of
	Double bucky, I'd like a whole word of you!
		-- (C) 1978 by Guy L. Steele, Jr.
To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]