Date: Mon, 19 Jun 2017 11:26:35 -0600 From: Jeff Law <law@...hat.com> To: oss-security@...ts.openwall.com Subject: Re: Qualys Security Advisor -- The Stack Clash I would consider those two GCC BZs (68065, 66479) a separate an distinct issue. It is far more important to address design issues around the existing -fstack-check first. I think we've got a pretty good handle on how to address those problems and discussions with the upstream GCC community have already started. In an ideal world we'll get to a place where the new -fstack-check does not change program semantics, never misses probes and is efficient enough to just turn on and forget everywhere. The existing -fstack-check fails all three of those criteria. Jeff
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.