On Thu, 17 Sep 2015 13:53:38 +0300
Alexander Todorov <atodorov@xxxxxxxxxx> wrote:

> On 17.09.2015 at 13:34, Steve Grubb wrote:
> > On Thu, 17 Sep 2015 11:07:37 +0300
> > Alexander Todorov <atodorov@xxxxxxxxxx> wrote:
> >
> >> Can somebody comment on the -fstack-protector-all vs
> >> -fstack-protector-strong issue? Do we want to change the default
> >> for %__global_cflags in /usr/lib/rpm/redhat/macros?
> >
> > -all is not needed, -strong is the right balance between security
> > and performance. For example
> >
> > int add(int a, int b)
> > {
> >     return a+b;
> > }
> >
> > Does that need a stack canary? This is the nature of why some
> > functions don't get a canary. Whenever knowledge of a stack frame
> > is passed as a pointer to a function, then -strong will kick in and
> > do a stack check on return.
> >
>
> Hi Steve,
> thanks for the explanation.
>
> So it looks like I should ignore stack canary warnings (assuming the
> package is using the default flags). Should this be ignored for both
> libraries and executable binaries or only libraries? Or is the answer
> once again that you can't tell that easily?

Not completely. See below.

> > To know if the right thing is being done is hard to script. You
> > really need to see what flags are passed to each source file being
> > compiled. You just can't get at that from readelf.
> >
>
> Is it realistic to request an RFE with this information stored in the
> compiled object and then be read by readelf? If so I can file bugs
> in bugzilla.redhat.com or upstream.
>

I think Florian answered this. Indeed, the --debug-dump option does
find these strings, but they are mixed in with other data.

I think that if there is no canary and flags were passed, it's not a
problem. If the flags are absent, the build scripts are suspect.

-Steve
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
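The following is an added example, not code from the thread or from the Fedora packaging macros. It puts Steve's three cases side by side as compilable C so the -fstack-protector-strong heuristic can be observed directly: a scalar-only function (no canary under -strong), a function with a local array (canary), and a function that passes the address of a local to a callee (canary, even though there is no array). The function and file names are made up for the example. Compile it with `gcc -S -O2 -fstack-protector-strong ssp_shapes.c -o -` and look for which functions call `__stack_chk_fail`; repeat with `-fstack-protector-all` and `add` gets one as well. In a finished binary `readelf -s` (or `objdump -d`) showing `__stack_chk_fail` only proves that at least one function was instrumented, which is exactly the limit Steve describes; the per-file flags themselves only appear in `readelf --debug-dump=info` as the `DW_AT_producer` string when the object was built with `-grecord-gcc-switches`.

```c
/* Added example (not from the thread): the three function shapes that
 * -fstack-protector-strong treats differently.  Names are invented.
 *
 * Verify with:
 *   gcc -S -O2 -fstack-protector-strong ssp_shapes.c -o - | grep -B40 __stack_chk_fail
 * Only shout() and parse_count() reference __stack_chk_fail under
 * -strong; under -fstack-protector-all add() does too.
 */
#include <ctype.h>
#include <stddef.h>
#include <string.h>

/* Shape 1: scalars only, nothing frame-related escapes.
 * No canary under -strong; canary only under -all. */
int add(int a, int b)
{
    return a + b;
}

/* Shape 2: a local array.  Any local array, whatever its element type
 * or size, gets a canary under -strong.  Plain -fstack-protector only
 * instruments char arrays of at least --param ssp-buffer-size (8), so
 * this 16-byte buffer is covered by both.
 * Upper-cases src into dst (truncating), returns the un-truncated
 * length so the caller can detect truncation. */
size_t shout(char *dst, size_t dstlen, const char *src)
{
    char tmp[16];
    size_t n = strlen(src);
    if (n >= sizeof tmp)
        n = sizeof tmp - 1;          /* bounds check: never write past tmp */
    for (size_t i = 0; i < n; i++)
        tmp[i] = (char)toupper((unsigned char)src[i]);
    tmp[n] = '\0';
    if (dstlen == 0)
        return n;
    size_t out = n < dstlen - 1 ? n : dstlen - 1;
    memcpy(dst, tmp, out);
    dst[out] = '\0';
    return n;
}

/* Callee that receives a pointer into the caller's frame.  noinline so
 * that at -O2 the address really escapes instead of being folded away,
 * which would remove the reason for the canary. */
__attribute__((noinline))
static int read_digits(const char *s, int *out)
{
    int v = 0, seen = 0;
    while (*s >= '0' && *s <= '9') {
        v = v * 10 + (*s++ - '0');
        seen = 1;
    }
    *out = v;
    return seen;
}

/* Shape 3: no arrays at all, but &n hands "knowledge of the stack
 * frame" to another function, so -strong inserts a canary here.
 * Plain -fstack-protector would not.  Returns -1 if no digits. */
int parse_count(const char *s)
{
    int n;
    if (!read_digits(s, &n))
        return -1;
    return n;
}
```

The practical takeaway matches Steve's answer: a missing `__stack_chk_fail` in a given function (or even a whole small library) is not by itself a finding when the build used the default flags, because -strong deliberately skips frames like `add`; what a scan can flag is an object whose recorded producer string lacks the expected `-fstack-protector-strong` entirely.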