On 8/21/2014 9:31 AM, Jerry wrote: > On Thu, 21 Aug 2014 16:05:46 +0200, Mathias Picker stated: > >> On Mi, 2014-08-20 at 11:34 -0500, Bryan Drewery wrote: >>> On 9/21/2013 5:49 AM, Bryan Drewery wrote: >>>> Ports now support enabling Stack Protector [1] support on FreeBSD 10 >>>> i386 and amd64, and older releases on amd64 only currently. >>>> >>>> Support may be added for earlier i386 releases once all ports properly >>>> respect LDFLAGS. >>>> >>>> To enable, just add WITH_SSP=yes to your make.conf and rebuild all ports. >>>> >>>> The default SSP_CLFAGS is -fstack-protector, but -fstack-protector-all >>>> may optionally be set instead. >>>> >>>> Please help test this on your system. We would like to eventually enable >>>> this by default, but need to identify any major ports that have run-time >>>> issues due to it. >>>> >>>> [1] https://en.wikipedia.org/wiki/Buffer_overflow_protection > > I always build my own ports, I don't use pre-compiled packages. If I place > "WITH_SSP=yes" in the /etc/make.conf" file, do I still have to rebuild all > the ports on my system? I am running FreeBSD-10 amd64. >
Only things built after adding WITH_SSP_PORTS=yes will have SSP enabled. (WITH_SSP works too but is not the official name anymore). -- Regards, Bryan Drewery
signature.asc
Description: OpenPGP digital signature
