Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 12 Aug 2012 22:23:30 +0400
From: Solar Designer <solar@...nwall.com>
To: owl-dev@...ts.openwall.com
Subject: Re: kernel's -fstack-protector

On Sun, Aug 12, 2012 at 10:12:02PM +0400, Vasily Kulikov wrote:
> RHEL6.3'ish kernel is able to use SSP of gcc, but currently doesn't do it:
[...]
> Owl's gcc doesn't use %gs, but uses a global symbol.  That's because our glibc
> doesn't support any sort of SSP and gcc fallbacks to using global symbol.
> That is a gcc compilation stage choice, so we cannot explicitly enable it for
> the kernel until glibc upgrade.
> 
> So, for now we don't use SSP for the kernel.

Thanks for researching it.  I think there's no need to do anything about
it yet - we'll upgrade glibc soon.

Alexander

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ