On Sun, 2006-01-22 at 21:33 +0100, Dawid Gajownik wrote: > Dnia 01/22/2006 06:05 PM, Użytkownik Arjan van de Ven napisał: > > > I think chosing for secure is the right approach. > > Talking about security... What's the current status of FORTIFY_SOURCE in > the kernel? You proposed this feature in this mail → > https://www.redhat.com/archives/fedora-devel-list/2005-June/msg00012.html > Patch is also available → http://lkml.org/lkml/2005/5/25/46 but it's not > included in the Fedora's kernels → > http://cvs.fedora.redhat.com/viewcvs/rpms/kernel/devel/ (why?) (I'm not working for Red Hat nor do I have any "put this in the kernel rpm" rights) we investigated all places where it'd have any effect, and all of them were correct already (eg used the proper tests). The reason for this is simple: the kernel has a really tiny stack, so stack buffers are rare, really rare. And gcc doesn't know that "kmalloc" is like malloc, so fixed size allocations via kmalloc aren't recognized... so the value of the protection for now was basically zero ;-( -- fedora-test-list mailing list fedora-test-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-test-list