Date: Mon, 19 Jun 2017 11:26:35 -0600 From: Jeff Law <law@...hat.com> To: oss-security@...ts.openwall.com Subject: Re: Qualys Security Advisor -- The Stack Clash I would consider those two GCC BZs (68065, 66479) a separate an distinct issue. It is far more important to address design issues around the existing -fstack-check first. I think we've got a pretty good handle on how to address those problems and discussions with the upstream GCC community have already started. In an ideal world we'll get to a place where the new -fstack-check does not change program semantics, never misses probes and is efficient enough to just turn on and forget everywhere. The existing -fstack-check fails all three of those criteria. Jeff
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ