Re: Non-executable stack
From: Jimmy Scott (jimmy_at_inet-solutions.be)
Date: Thu, 27 Oct 2005 21:58:42 +0200 To: db <email@example.com>
On Thu, Oct 27, 2005 at 03:11:35PM +0000, db wrote:
> On Thursday 27 October 2005 06:35, you wrote:
> > http://www.research.ibm.com/trl/projects/security/ssp/buildfreebsd.html
> > The patch should be for 5.x in general, I don't use it anymore since some
> > ports will break, if you play with it you can disable it by default and
> > enable it explicit when you are willing to compile a binary with it.
> Ok thanks, but I was looking for a kernel level patch. Btw which ports will
I did not keep a list, but as far as I remember, the 'pure-pw' binary
from pure-ftpd was the last thing that failed. Because it was not
visible in first place (the port builded fine), I decided the risk of
breaking things without noticing it was not worth it.
I don't mean that it's a bad thing, but it will cost you some time to
find the bugs, report the bugs and get them fixed. And if you are
willing to use it in a production environment, you have to fully test
the software eacht time you are upgrading to be sure things will not
break. It's also not officially supported as far as I know.
-- People usually get what's coming to them ... unless it's been mailed.
- application/pgp-signature attachment: stored