GCC extension for protecting applications from stack-smashin

[GeoffOs]

GCC extension for protecting applications from stack-smashing attacks
I just came across this http://www.research.ibm.com/trl/projects/security/ssp/ and I was wondering if / how I could get this patch implemented.

Apologies if this is in the wrong forum.
_________________
Beyond a critical point within a finite space, freedom diminishes as numbers increase. ...
The human question is not how many can possibly survive within the system, but what kind of existence is possible for those who do survive."

[tuxmin]

No need to patch anything. Gentoo gcc come with the patch already. Just define -fstack-protector an you are done.
_________________
ALT-F4

[GeoffOs]

Thanks for that.
Stupid question, but how did you know that?
_________________
Beyond a critical point within a finite space, freedom diminishes as numbers increase. ...
The human question is not how many can possibly survive within the system, but what kind of existence is possible for those who do survive."

[tuxmin]

I got curious about Gentoo because of the hardened Version (transparent ASLR and stack protection via gcc patch) it must be in these docs that I read about it...
If you are interested in a security enhanced but still usable system I can really recommend the following
- grep a stage1 hardened tarball
- enable stack protection with -fstack-protection in make.conf
- set profile to hardened
- use hardened-sources and activate grsecurity to take full advantage of ASLR

If you need further details don't hestiate to ask...


Alex!!!
_________________
ALT-F4