Re: Non-executable stack
From: Jimmy Scott (jimmy_at_inet-solutions.be)
Date: 10/27/05
- Previous message: Ruslan Ermilov: "Re: Is it feasible to cross-build compat5x binary?"
- In reply to: db: "Re: Non-executable stack"
- Next in thread: db: "Re: Non-executable stack"
- Reply: db: "Re: Non-executable stack"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 27 Oct 2005 21:58:42 +0200 To: db <db@traceroute.dk>
On Thu, Oct 27, 2005 at 03:11:35PM +0000, db wrote:
> On Thursday 27 October 2005 06:35, you wrote:
>
> > http://www.research.ibm.com/trl/projects/security/ssp/buildfreebsd.html
> >
> > The patch should be for 5.x in general, I don't use it anymore since some
> > ports will break, if you play with it you can disable it by default and
> > enable it explicit when you are willing to compile a binary with it.
>
> Ok thanks, but I was looking for a kernel level patch. Btw which ports will
> break?
>
I did not keep a list, but as far as I remember, the 'pure-pw' binary
from pure-ftpd was the last thing that failed. Because it was not
visible in first place (the port builded fine), I decided the risk of
breaking things without noticing it was not worth it.
I don't mean that it's a bad thing, but it will cost you some time to
find the bugs, report the bugs and get them fixed. And if you are
willing to use it in a production environment, you have to fully test
the software eacht time you are upgrading to be sure things will not
break. It's also not officially supported as far as I know.
Kind regards,
Jimmy Scott
-- People usually get what's coming to them ... unless it's been mailed.
- application/pgp-signature attachment: stored
- Previous message: Ruslan Ermilov: "Re: Is it feasible to cross-build compat5x binary?"
- In reply to: db: "Re: Non-executable stack"
- Next in thread: db: "Re: Non-executable stack"
- Reply: db: "Re: Non-executable stack"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
