Package: gcc Version: 3.2 Severity: wishlist IBM has a modification to gcc which provides protection against stack smashing attempts. Reportedly OpenBSD 3.3 will include it.
What's the stack-smashing protector? It is a GCC (Gnu Compiler Collection) extension for protecting applications from stack-smashing attacks. Applications written in C will be protected by the method that automatically inserts protection code into an application at compilation time. The protection is realized by buffer overflow detection and the variable reordering feature to avoid the corruption of pointers. The basic idea of buffer overflow detection comes from StackGuard system. For full details see http://www.trl.ibm.com/projects/security/ssp/ Cheers John Summerfield Please, no off-list mail at all at all. This address accepts mail only from Debian lists.
