On Thu, 12 Sep 2013 11:23:04 -0400
"Anthony G. Basile" wrote:
> The hardened team has talked about this in IRC and our general feeling
> is that adding *just* ssp to vanilla gcc specs is okay. While there are
> some performance hits, it is generally safe and should cause little
> problems to o
On 09/10/2013 09:17 PM, Rich Freeman wrote:
> On Tue, Sep 10, 2013 at 6:41 PM, Richard Yao wrote:
>> 1. The kernel expects -fno-stack-protector to be the default. What will
>> the effect be on kernel configuration once -fstack-protector is the default?
>
> Nothing, since the kernel build system d
On 09/11/2013 02:07 AM, Ryan Hill wrote:
> On Tue, 10 Sep 2013 18:41:34 -0400
> Richard Yao wrote:
>
>> A few thoughts:
>>
>> 1. The kernel expects -fno-stack-protector to be the default. What will
>> the effect be on kernel configuration once -fstack-protector is the default?
>
> The kernel has
On 09/12/2013 11:03 AM, Richard Yao wrote:
> On 09/10/2013 09:17 PM, Rich Freeman wrote:
>> On Tue, Sep 10, 2013 at 6:41 PM, Richard Yao wrote:
>>> 1. The kernel expects -fno-stack-protector to be the default. What will
>>> the effect be on kernel configuration once -fstack-protector is the defaul
On 09/07/2013 05:11 PM, Ryan Hill wrote:
On Sat, 7 Sep 2013 18:10:42 + (UTC)
Martin Vaeth wrote:
Ryan Hill wrote:
* -fstack-protector{-all}
No thank you. -fstack-protector has very limited coverage
I'd say it covers most cases where bugs can be made,
practically without a severe impact
Monday 09 September 2013 21.00.12 Ryan Hill wrote:
> On Mon, 9 Sep 2013 08:21:35 -0400
>
> Rich Freeman wrote:
> > On Sun, Sep 8, 2013 at 8:06 PM, Ryan Hill wrote:
> > > So does anyone have any objections to making -fstack-protector the
> > > default?
> > > Now is the time to speak up.
> >
> >
Wednesday 11 September 2013 04.49.55 Duncan wrote:
> (Tho jer points out that the parisc arch, among others, won't work with
> that flag at all, and warns to that effect. So I guess the patch will
> either be ifdeffed not to apply on such archs or will be conditionally
> applied in the first pl
Wednesday 11 September 2013 00.07.29 Ryan Hill wrote:
> On Tue, 10 Sep 2013 18:41:34 -0400
>
> Richard Yao wrote:
> > A few thoughts:
> >
> > 1. The kernel expects -fno-stack-protector to be the default. What will
> > the effect be on kernel configuration once -fstack-protector is the
> > default?
On Wed, 11 Sep 2013 04:49:55 + (UTC)
Duncan <1i5t5.dun...@cox.net> wrote:
> If I'm not mistaken, dirtyepic intends to patch gcc directly to enable
> -fstack-protector, changing the default at that level so it'll be used
> unless -fno-stack-protector is in CFLAGS. At least, that's how I
> i
On Tue, 10 Sep 2013 18:41:34 -0400
Richard Yao wrote:
> A few thoughts:
>
> 1. The kernel expects -fno-stack-protector to be the default. What will
> the effect be on kernel configuration once -fstack-protector is the default?
The kernel has supported building with -fstack-protector since 2.6.1
Rich Freeman posted on Tue, 10 Sep 2013 21:17:33 -0400 as excerpted:
> On Tue, Sep 10, 2013 at 6:41 PM, Richard Yao wrote:
>> 1. The kernel expects -fno-stack-protector to be the default. What will
>> the effect be on kernel configuration once -fstack-protector is the
>> default?
>
> Nothing, si
On Tue, Sep 10, 2013 at 6:41 PM, Richard Yao wrote:
> 1. The kernel expects -fno-stack-protector to be the default. What will
> the effect be on kernel configuration once -fstack-protector is the default?
Nothing, since the kernel build system doesn't source make.conf. If
somebody creates an ebu
On 09/08/2013 08:06 PM, Ryan Hill wrote:
> On Sat, 07 Sep 2013 19:08:57 -0400
> "Rick \"Zero_Chaos\" Farina" wrote:
>
>> Personally I think this would be a great stepping stone. If we add
>> -fstack-protector to 4.8.1 it will improve security (only a little I
>> know) and give us an idea of wh
On Sun, 8 Sep 2013 18:06:56 -0600
Ryan Hill wrote:
> So does anyone have any objections to making -fstack-protector the
> default? Now is the time to speak up.
On PARISC you get plenty of warning of how well it's going to work out:
(cc1|gcc|foo): warning: -fstack-protector not supported for thi
Ryan Hill wrote:
> I don't like creating more work for people, so I want to be sure
> there is consensus on this first. So far it sounds like there is.
I think there will come enough objections, but only down the road,
and only from people who don't want to care about quality.
Don't let that sto
On Mon, 9 Sep 2013 08:21:35 -0400
Rich Freeman wrote:
> On Sun, Sep 8, 2013 at 8:06 PM, Ryan Hill wrote:
> > So does anyone have any objections to making -fstack-protector the default?
> > Now is the time to speak up.
>
> So, in this world of all-or-nothing we want people who realize that
> 100
On Sun, Sep 8, 2013 at 8:06 PM, Ryan Hill wrote:
> You will be expected to fix them, and `append-flags
> -fno-stack-protector` is not an acceptable fix. You can't champion for more
> secure defaults and then just disable them when they get in your way.
Why not? Surely a system where 99.9% of th
Ryan Hill wrote:
>
> You will be expected to fix them, and `append-flags
> -fno-stack-protector` is not an acceptable fix.
I guess there might be some projects with special
assembler code where this is the only possibility.
For your information, I attach my list of packages
(of about 1400 install
On Sun, 8 Sep 2013 11:05:16 + (UTC)
Martin Vaeth wrote:
> Ryan Hill wrote:
> > In any case this is a firm no.
> > The increase in loading times for apps that link lots of libraries is
> > significant (if it wasn't, we wouldn't need lazy loading :p).
> You get the same delay for lazy linki
On Sat, 07 Sep 2013 19:08:57 -0400
"Rick \"Zero_Chaos\" Farina" wrote:
> Personally I think this would be a great stepping stone. If we add
> -fstack-protector to 4.8.1 it will improve security (only a little I
> know) and give us an idea of what issues we may have. After a short
> enjoyment
On Sat, Sep 07, 2013 at 07:12:04PM -0400, Rich Freeman wrote:
> On Sat, Sep 7, 2013 at 7:08 PM, Rick "Zero_Chaos" Farina
> wrote:
> > Personally I'm using the hardened profile already and find the
> > performance penalties negligible for a desktop user, and someone trying
> > to run realtime on de
Ryan Hill wrote:
> Martin Vaeth wrote:
>> >
>> > * -fstack-protector{-all}
>> > No thank you. -fstack-protector has very limited coverage
>>
>> I'd say it covers most cases where bugs can be made, [...]
>
> The numbers I've seen show a maximum of 5% coverage for code that has a
> large number of
Ryan Hill wrote:
>
>> > * -Wl,-z,relro
>> > Enabled by default since binutils 2.18
>>
>> This gives its real impact on security only when combined with
>>
>> * -Wl,-z,now
>>
>> The latter is not enabled by default AFAIK.
>
> That's a bit misleading. Immediate binding does allow the GOT to be made
On Sat, Sep 7, 2013 at 7:08 PM, Rick "Zero_Chaos" Farina
wrote:
> Personally I'm using the hardened profile already and find the
> performance penalties negligible for a desktop user, and someone trying
> to run realtime on defaults is likely suicidal anyway.
I suspect what keeps people away from
On 09/07/2013 05:11 PM, Ryan Hill wrote:
> On Sat, 7 Sep 2013 18:10:42 + (UTC)
> Martin Vaeth wrote:
>
>> Ryan Hill wrote:
>>>
>>> * -fstack-protector{-all}
>>> No thank you. -fstack-protector has very limited coverage
>>
>> I'd say it covers m
On Sat, 7 Sep 2013 18:10:42 + (UTC)
Martin Vaeth wrote:
> Ryan Hill wrote:
> >
> > * -fstack-protector{-all}
> > No thank you. -fstack-protector has very limited coverage
>
> I'd say it covers most cases where bugs can be made,
> practically without a severe impact on execution time or cod
Pacho Ramos wrote:
>
> Is there any kind of information about performance penalty of
> -fstack-protector? I have googled some time and there are various
> estimations (from ~2 to ~8%), but I have no idea what have they checked
> exactly.
This depends extremely on the code: Most functions will be
On 09/07/2013 01:25 PM, Ryan Hill wrote:
> On Thu, 05 Sep 2013 12:13:28 +0200
> Agostino Sarubbo wrote:
>
>> Hello,
>>
>> during an irc debate, other people and I just noticed that the default
>> profile could use more flags to enhance the security
On Sat, 07-09-2013 at 14:37 -0400, Rich Freeman wrote:
> On Sat, Sep 7, 2013 at 2:10 PM, Martin Vaeth
> wrote:
> > Ryan Hill wrote:
> >>
> >> * -fstack-protector{-all}
> >> No thank you. -fstack-protector has very limited coverage
> >
> > I'd say it covers most cases where bugs can be made
On Sat, Sep 7, 2013 at 2:10 PM, Martin Vaeth
wrote:
> Ryan Hill wrote:
>>
>> * -fstack-protector{-all}
>> No thank you. -fstack-protector has very limited coverage
>
> I'd say it covers most cases where bugs can be made,
> practically without a severe impact on execution time or code size.
> In
Ciaran McCreesh wrote:
>
> Security does not come from the compiler. There is no compiler flag
> that magically makes insecure code secure.
But there are flags which can catch some frequent code bugs which
perhaps some less careful upstream overlooked or is not aware of.
Moreover, the flags can c
Ryan Hill wrote:
>
> * -fstack-protector{-all}
> No thank you. -fstack-protector has very limited coverage
I'd say it covers most cases where bugs can be made,
practically without a severe impact on execution time or code size.
In contrast, -fstack-protector-all should be left to hardened, since
On Thu, 05 Sep 2013 12:13:28 +0200
Agostino Sarubbo wrote:
> Hello,
>
> during an irc debate, other people and I just noticed that the default
> profile could use more flags to enhance the security.
>
> A hint is here:
> https://wiki.ubuntu.com/ToolChain/CompilerFlags
>
> Please argue about
Perhaps a hardened desktop profile might be nice. Possibly even an selinux
profile with the popular WMs. From what I remember users of the server
profile are given a warning to switch to hardened though it would be nice
to add hardened options to other "specialized" profiles.
On Sat, Sep 7, 2013
On 09/05/2013 07:06 AM, Mike Frysinger wrote:
> On Thursday 05 September 2013 06:13:28 Agostino Sarubbo wrote:
>> during an irc debate, other people and I just noticed that the default
>> profile could use more flags to enhance the security.
>>
>> An
On Thursday 05 September 2013 06:13:28 Agostino Sarubbo wrote:
> during an irc debate, other people and I just noticed that the default
> profile could use more flags to enhance the security.
>
> A hint is here:
> https://wiki.ubuntu.com/ToolChain/CompilerFlags
>
> Please argue about what we _d