[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Improving security



On Thu, 2004-10-14 at 06:52, Hans de Goede wrote:
> Stack Smash Protection sounds like a cool feature to me. I don't know 
> what the performance impact is, but as a developer even if it is to slow 
> to use by default I would love to have it intergrated into the gcc 
> shipped by Fedora to make debugging easier.

you can use jakub's gcc 4 / glibc rpms and something like this too
> 
> PAX uses tricks to get a non executable stack, and assignes random 
> addresses to PIE executables, which Fedora already has in the form of
> Exec Shield, good! But if I undertand it correctly PAX does more for 
> example also make data pages non executable, this might be something 
> worth looking into.

execshield makes data pages also non executable
 

Attachment: signature.asc
Description: This is a digitally signed message part


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]