Re: Expanding the list of "Hardened Packages"

On Sun, Apr 14, 2013 at 01:43:05AM +0200, Kevin Kofler wrote:
> Richard W.M. Jones wrote:
> > I said it "doesn't implement full bounds checking for every C object",
> > and I stand by that.  It doesn't cover stack objects smaller than some
> > cut-off size, nor any objects in static data or on the heap at all.
> 
> I never claimed it did. I said it prevents overwriting the return address on 
> the stack to execute arbitrary code. That's all it ever claimed to do.

What you actually said was:

  "build ALL packages in Fedora with not only -fPIE and RELRO, but
  also -fstack-protector-all (which is not included in the current hardened
  cflags). Also get rid of prelink which reduces the effectiveness of ASLR.
  Then drop SELinux which becomes obsolete if the executables cannot be
  exploited in the first place. (It only papers over the real problem.)"

which I interpret to mean that after using -fstack-protector-all and
removing prelink, SELinux would become obsolete because no executable
can be exploited.

> And there is no cutoff size with -fstack-protector-all.

Not true, there is still a small cutoff size and many types of object
not covered -- see Steve Grubb's email.

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
libguestfs lets you edit virtual machines.  Supports shell scripting,
bindings from many languages.  http://libguestfs.org
-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel