Hi! > >There is a flag for the Gnu C/C++ compilers, -fstack-protector, that will > >implement ProPolice stack protection. It should prevent stack smashing > >techniques. > > > That is not actually in the standard GCC; it is in a forked GCC that > OpenBSD chooses to ship. Adamantix and Gentoo Hardened also ship this patched GCC compiler. > We (Immunix) are in the process of trying to make StackGuard (the > original) meet all of the criteria required for acceptance into GCC. At > the GCC Summit <http://www.gccsummit.org/2003/> in May, we presented a > StackGuard talk > <http://www.gccsummit.org/2003/view_abstract.php?talk=31> on that topic. I would rather see Hiraoke Etoh's Stack Smashing Protector (aka ProPolice) as standard stack-smashing protection mechanism in GCC than StackGuard. Groetjes, Peter Busser -- The Adamantix Project Taking trustworthy software out of the labs, and into the real world http://www.adamantix.org/
