[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Hardened toolchain
From: |
zimoun |
Subject: |
Re: Hardened toolchain |
Date: |
Fri, 29 Apr 2022 12:31:28 +0200 |
Hi,
On Tue, 29 Mar 2022 at 12:15, Ludovic Courtès <ludo@gnu.org> wrote:
> Stack smashing protection (SSP) may incur measurable run-time overhead
> though so enabling that one by default may be less consensual.
That’s true and it could be an issue for HPC practitioners. However,
quoting Wikipedia [1], for what it is worth:
--8<---------------cut here---------------start------------->8---
All Fedora packages are compiled with -fstack-protector since Fedora
Core 5, and -fstack-protector-strong since Fedora 20.[19][20] Most
packages in Ubuntu are compiled with -fstack-protector since 6.10.[21]
Every Arch Linux package is compiled with -fstack-protector since
2011.[22] All Arch Linux packages built since 4 May 2014 use
-fstack-protector-strong.[23] Stack protection is only used for some
packages in Debian,[24] and only for the FreeBSD base system since
8.0.[25] Stack protection is standard in certain operating systems,
including OpenBSD,[26] Hardened Gentoo[27] and DragonFly BSD.
--8<---------------cut here---------------end--------------->8---
Well, I miss if Guix is built using this ’-fstack-protector’ flag; or
whether it is included by default.
Cheers,
simon
1:
<https://en.wikipedia.org/wiki/Buffer_overflow_protection#GNU_Compiler_Collection_(GCC)>
- Re: Hardened toolchain, (continued)
- Re: Hardened toolchain, Zhu Zihao, 2022/04/15
- Re: Hardened toolchain, raingloom, 2022/04/15
- Re: Hardened toolchain, Katherine Cox-Buday, 2022/04/26
- Re: Hardened toolchain, Aurora, 2022/04/28
- Re: Hardened toolchain, Katherine Cox-Buday, 2022/04/28
- Re: Hardened toolchain, Aurora, 2022/04/28
- Re: Hardened toolchain, Vagrant Cascadian, 2022/04/28
- Re: Hardened toolchain, Aurora, 2022/04/28
Re: Hardened toolchain, Nathan Dehnel, 2022/04/15
Re: Hardened toolchain,
zimoun <=