From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 6717 invoked from network); 23 Sep 2004 02:47:44 +0000 Received: from smtp.gentoo.org (156.56.111.197) by lists.gentoo.org with AES256-SHA encrypted SMTP; 23 Sep 2004 02:47:44 +0000 Received: from lists.gentoo.org ([156.56.111.196] helo=parrot.gentoo.org) by smtp.gentoo.org with esmtp (Exim 4.41) id 1CAJe4-0004f2-BC for arch-gentoo-dev@lists.gentoo.org; Thu, 23 Sep 2004 02:47:44 +0000 Received: (qmail 4657 invoked by uid 89); 23 Sep 2004 02:47:43 +0000 Mailing-List: contact gentoo-dev-help@gentoo.org; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@gentoo.org Received: (qmail 24575 invoked from network); 23 Sep 2004 02:47:43 +0000 From: Mike Frysinger Organization: wh0rd.org To: gentoo-dev@lists.gentoo.org Date: Wed, 22 Sep 2004 22:47:34 -0400 User-Agent: KMail/1.7 References: <4151A04F.5090304@comcast.net> <1095905014.8317.2990.camel@simple> <20040923030852.72a2d02c@snowdrop.home> In-Reply-To: <20040923030852.72a2d02c@snowdrop.home> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200409222247.34520.vapier@gentoo.org> Subject: Re: [gentoo-dev] Stack smash protected daemons X-Archives-Salt: ab8a4d11-dec1-4886-9386-773949e03d42 X-Archives-Hash: 85650fca3e91ed0e7976a36f1dcd0983 On Wednesday 22 September 2004 10:08 pm, Ciaran McCreesh wrote: > The hack is in trying to get the compiler to make broken code safe, > rather than properly auditing code. SSP does not fix broken code, it's > just duct tape. no one said it was the end-all solution, or even the perfect solution it's a proactive security feature that has been proven to be a HELL of a lot better than nothing at all you know for a fact that your services out there have bugs; rather than taking a fatalistic approach and going 'well i done be fucked', you use solutions like stack protector to decrease the affect these bugs will have on your systems is it duct tape ? maybe, but you know what ? duct tape does a great job of holding things together until proper solutions are developed ... -mike -- gentoo-dev@gentoo.org mailing list