Re: safe strcpy()?

From: Dave Aitel (dave@immunitysec.com)
Date: 01/30/03

Next message: r s: "Re: Application to Application authentication models...."

Previous message: Crispin Cowan: "Re: safe strcpy()?"
In reply to: Crispin Cowan: "Re: safe strcpy()?"
Next in thread: Ben Pfaff: "Re: safe strcpy()?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 30 Jan 2003 16:58:58 -0500
From: Dave Aitel <dave@immunitysec.com>
To: Crispin Cowan <crispin@wirex.com>

What about Propolice - according to a recent mail from the OpenBSD
folks, Propolice is portable, and slightly better than StackGuard.
What's stopping THAT from getting integrated...

Not that RedHat really cares what the GCC people say, since they've used
a frankenstien GCC in past distributions...you'd think, they, at least,
would include stackguard or propolice as the default.

-dave

On Thu, 30 Jan 2003 11:08:58 -0800
Crispin Cowan <crispin@wirex.com> wrote:

> Dave Aitel wrote:
>
> >Does anyone on this list have any connection with the GCC developers?
> >When is StackGuard and -blip going to get integrated into the
> >standard distribution?! What are we waiting on? Mono?
> >
> We are working towards that. Having a feature accepted into GCC
> requires some key things:
>
> * that the patch is current with GCC, which is a fast-moving
> target* that the patch is portable across architectures
>
> We are essentially current with GCC, in that we have an in-the-lab
> version of StackGuard/GCC 3.2. We are working on an IA64 port of
> StackGuard, so that we can credibly claim that StackGuard is portable
> by porting it.
>
> If anyone out there has particular expertise on some other CPU, and
> wants to help, we'll take it.
>
> When we get all that done, there's the small matter of persuading the
> GCC core maintainers to accept StackGuard, because they don't have to
> if they don't want to.
>
> Crispin
>
> --
> Crispin Cowan, Ph.D.
> Chief Scientist, WireX http://wirex.com/~crispin/
> Security Hardened Linux Distribution: http://immunix.org
> Available for purchase:
> http://wirex.com/Products/Immunix/purchase.html
> Just say ".Nyet"
>
>

Next message: r s: "Re: Application to Application authentication models...."
Previous message: Crispin Cowan: "Re: safe strcpy()?"
In reply to: Crispin Cowan: "Re: safe strcpy()?"
Next in thread: Ben Pfaff: "Re: safe strcpy()?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: safe strcpy()?
... >Does anyone on this list have any connection with the GCC developers? ... >When is StackGuard and -blip going to get integrated into the standard ... StackGuard, so that we can credibly claim that StackGuard is portable by ... Security Hardened Linux Distribution: ...
(SecProg)
Re: Buffer overflow prevention
... >implement ProPolice stack protection. ... That is not actually in the standard GCC; it is in a forked GCC that ... We are in the process of trying to make StackGuard (the ... Chief Scientist, Immunix ...
(Bugtraq)