Re: Buffer overflow prevention
From: Peter Busser (peter_at_trusteddebian.org)
Date: 08/15/03
- Previous message: Avery Buffington: "RE: Buffer overflow prevention"
- In reply to: Crispin Cowan: "Re: Buffer overflow prevention"
- Next in thread: Lance James: "RE: Buffer overflow prevention"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 15 Aug 2003 10:32:14 +0200 To: bugtraq@securityfocus.com
Hi!
> >There is a flag for the Gnu C/C++ compilers, -fstack-protector, that will
> >implement ProPolice stack protection. It should prevent stack smashing
> >techniques.
> >
> That is not actually in the standard GCC; it is in a forked GCC that
> OpenBSD chooses to ship.
Adamantix and Gentoo Hardened also ship this patched GCC compiler.
> We (Immunix) are in the process of trying to make StackGuard (the
> original) meet all of the criteria required for acceptance into GCC. At
> the GCC Summit <http://www.gccsummit.org/2003/> in May, we presented a
> StackGuard talk
> <http://www.gccsummit.org/2003/view_abstract.php?talk=31> on that topic.
I would rather see Hiraoke Etoh's Stack Smashing Protector (aka ProPolice) as
standard stack-smashing protection mechanism in GCC than StackGuard.
Groetjes,
Peter Busser
-- The Adamantix Project Taking trustworthy software out of the labs, and into the real world http://www.adamantix.org/
- Previous message: Avery Buffington: "RE: Buffer overflow prevention"
- In reply to: Crispin Cowan: "Re: Buffer overflow prevention"
- Next in thread: Lance James: "RE: Buffer overflow prevention"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
