From: Marius Mauch <genone@gentoo.org>
To: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] Stack smash protected daemons
Date: Wed, 22 Sep 2004 19:30:03 +0200 [thread overview]
Message-ID: <20040922193003.6c73eba3@andy.genone.homeip.net> (raw)
In-Reply-To: <20040922170424.26f1253b@snowdrop.home>
On 09/22/04 Ciaran McCreesh wrote:
> On Wed, 22 Sep 2004 11:54:55 -0400 John Richard Moser
> <nigelenki@comcast.net> wrote:
> | I believe it would be a good idea to have such a FEATURES or USE
> | flag on by default in all profiles where SSP is supported. In this
> | manner, the major targets of security attacks would automatically be
> | protected; while still allowing the user to disable the protection
> | if the user desires. Users wanting more protection can simply add
> | -fstack-protector to CFLAGS, or use Hardened Gentoo.
>
> Personally, I don't see the point in an ugly hack which occasionally
> sort of protects you from badly written code... The option's there for
> anyone who really wants it, but we tend more towards a "turn most
> things off unless the user asks for them" approach, hence the
> relatively low number of things turned on in the default USE settings.
>
> | Any comments? Would this be more suitable as a USE or a FEATURES
> | setting?
>
> FEATURES, not USE.
Depends, FEATURES are things that are done generally by portage while
USE is for per-package things. And as far as I understand this is a
request for per-package dependent behavior so it would be a USE thing.
However, would this involve anything else than CLFAGS modifications? If
not than I don't think it's worth another flag as per-package
environment variables support for portage is already planned, so it
would be pointless.
Marius
--
Public Key at http://www.genone.de/info/gpg-key.pub
In the beginning, there was nothing. And God said, 'Let there be
Light.' And there was still nothing, but you could see a bit better.
--
gentoo-dev@gentoo.org mailing list
next prev parent reply other threads:[~2004-09-22 17:30 UTC|newest]
Thread overview: 98+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-09-22 15:54 [gentoo-dev] Stack smash protected daemons John Richard Moser
2004-09-22 16:04 ` Ciaran McCreesh
2004-09-22 17:06 ` Elfyn McBratney
2004-09-22 17:30 ` Marius Mauch [this message]
2004-09-22 21:13 ` John Richard Moser
2004-09-23 0:11 ` Ned Ludd
2004-09-23 0:27 ` Ciaran McCreesh
2004-09-23 0:38 ` Mike Frysinger
2004-09-23 0:42 ` Ciaran McCreesh
2004-09-23 2:40 ` Mike Frysinger
2004-09-23 14:47 ` Marius Mauch
2004-09-23 19:03 ` Mike Frysinger
2004-09-23 20:28 ` Ned Ludd
2004-09-23 20:35 ` Ciaran McCreesh
2004-09-23 20:53 ` Ned Ludd
2004-09-23 21:11 ` Ciaran McCreesh
2004-09-23 1:40 ` John Richard Moser
2004-09-23 1:55 ` Ciaran McCreesh
2004-09-23 2:24 ` John Richard Moser
2004-09-23 1:48 ` Dave Monnier
2004-09-23 2:03 ` Ned Ludd
2004-09-23 2:08 ` Ciaran McCreesh
2004-09-23 2:25 ` John Richard Moser
2004-09-23 2:34 ` Ned Ludd
2004-09-23 3:12 ` Mike Frysinger
2004-09-23 2:41 ` Colin Kingsley
2004-09-23 2:47 ` Mike Frysinger
2004-09-23 23:29 ` Daniel Goller
2004-09-24 0:28 ` Jason Stubbs
2004-09-25 16:32 ` Bart Lauwers
2004-09-23 1:41 ` Christian Birchinger
2004-09-23 23:27 ` Daniel Goller
2004-09-23 23:27 ` Ciaran McCreesh
2004-09-22 16:48 ` Rumen Yotov
2004-09-22 17:59 ` Lance Albertson
2004-09-22 21:35 ` John Richard Moser
2004-09-22 21:53 ` Mike Frysinger
2004-09-22 23:49 ` Ned Ludd
2004-09-22 23:17 ` Donnie Berkholz
2004-09-23 0:26 ` Mike Frysinger
2004-09-23 0:37 ` Marius Mauch
2004-09-23 1:51 ` John Richard Moser
2004-09-23 2:44 ` Mike Frysinger
2004-09-23 14:55 ` Marius Mauch
2004-09-23 20:10 ` Paul de Vrieze
2004-09-24 0:41 ` Jason Stubbs
2004-09-24 0:46 ` Jason Stubbs
2004-09-24 0:52 ` John Richard Moser
2004-09-24 1:55 ` Marius Mauch
2004-09-23 4:01 ` John Richard Moser
2004-09-23 4:06 ` John Richard Moser
2004-09-23 5:26 ` Ned Ludd
2004-09-23 5:32 ` Mike Frysinger
2004-09-23 8:31 ` [gentoo-dev] " Thierry Carrez
2004-09-23 14:05 ` Thierry Carrez
2004-09-23 16:27 ` Ciaran McCreesh
2004-09-23 17:45 ` John Richard Moser
2004-09-24 3:21 ` John Richard Moser
2004-09-24 6:02 ` Ned Ludd
2004-09-24 6:34 ` Colin Kingsley
2004-09-24 6:34 ` John Richard Moser
2004-09-24 7:23 ` Colin Kingsley
2004-09-24 11:41 ` Ciaran McCreesh
2004-09-24 12:42 ` Spider
2004-09-24 13:03 ` Colin Kingsley
2004-09-24 13:10 ` Ciaran McCreesh
2004-09-24 15:48 ` John Richard Moser
2004-09-24 19:00 ` Paul de Vrieze
2004-09-25 1:19 ` [gentoo-dev] " Duncan
2004-09-25 3:04 ` John Richard Moser
2004-09-25 10:55 ` [gentoo-dev] " Duncan
2004-09-23 17:27 ` [gentoo-dev] Re: [gentoo-security] " John Richard Moser
2004-09-25 17:26 ` [gentoo-dev] " Bart Lauwers
2004-09-25 17:35 ` Ciaran McCreesh
2004-09-25 21:42 ` Bart Lauwers
2004-09-25 22:29 ` Ciaran McCreesh
2004-09-25 23:46 ` Bart Lauwers
2004-09-25 23:54 ` Ciaran McCreesh
2004-09-27 8:02 ` Thierry Carrez
2004-09-26 0:18 ` Stephen P. Becker
2004-09-26 1:22 ` Jason Stubbs
2004-09-25 17:43 ` Rumen Yotov
2004-09-26 0:58 ` Jason Wever
2004-09-26 6:14 ` John Richard Moser
2004-09-26 13:04 ` Ciaran McCreesh
2004-09-26 16:22 ` John Richard Moser
2004-09-26 16:23 ` Ciaran McCreesh
2004-09-26 15:52 ` Stephen P. Becker
2004-09-26 16:18 ` John Richard Moser
2004-09-26 16:22 ` Ciaran McCreesh
2004-09-26 16:29 ` Stephen P. Becker
2004-09-26 16:11 ` Jason Wever
2004-09-26 16:41 ` John Richard Moser
2004-09-26 17:25 ` [gentoo-dev] Stack smash protected daemons [blah] Kumba
2004-09-26 6:39 ` [gentoo-dev] Stack smash protected daemons Rumen Yotov
2004-09-26 10:14 ` Colin Kingsley
2004-09-26 18:36 ` Jon Portnoy
2004-09-26 18:39 ` John Richard Moser
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20040922193003.6c73eba3@andy.genone.homeip.net \
--to=genone@gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox