Re: GCC stack-smashing extension

From: D J Hawkey Jr (
Date: 01/07/02

Date: Mon, 7 Jan 2002 13:03:40 -0600
From: D J Hawkey Jr <>
To: Jeff Palmer <>

While I agree with you 100%, I also echo the thoughts of David Geirsson.

I am as careful and diligent as I know how to be with software I write,
patch, or hack. However, I use a lot of OSS software, and not all of it
is written by those with the experience of a Darren Reed or Matt Dillon.
I'm modest enough to accept that my own code isn't always as bullet-proof
as it might be, too.

I figure another layer to the security onion can't hurt, and am looking
for insights as to the patch's usefulness and integrity, rather than a
conversation on whether it's necessary!


On Jan 07, at 11:06 AM, Jeff Palmer wrote:
> While I have never personally used this patch, my advice would be:
> Don't depend on a compiler based security implementation in your code.
> Code with security in mind from the ground up.
> What happens if you get used to your compiler adding in all the checks and
> balances, and then for some reason you are forced to use a standard
> compiler for something?
> Don't let a compiler allow you to lower your standards. Don't let it make
> you lazy. And most of all, don't let it teach you bad habits (Microsofts
> MFC for vc++ comes to mind here on the bad habits example)
> Just my two cents.. I'd rather stick with a default GCC,
> and use better/smarter coding practices on my machines :-)
> ----- Original Message -----
> From: "D J Hawkey Jr" <>
> To: "security at FreeBSD" <>
> Sent: Monday, January 07, 2002 10:19 AM
> Subject: GCC stack-smashing extension
> > Hey, all,
> >
> > I recently stumbled across the web page for the GCC stack-smashing
> > extension (
> >
> > - Anyone have any experience with it, good, bad, or otherwise?
> > - Any reason why I wouldn't want this?
> > - Any plans to merge it into the FreeBSD-distributed GCC?
> >
> > Thanks,
> > Dave
> >

To Unsubscribe: send mail to
with "unsubscribe freebsd-security" in the body of the message