Brock Rozen <[EMAIL PROTECTED]> writes: > What are people's thoughts on requiring software to be compiled with > StackGuard?
Well, to start with, StackGuard is of only limited usefulness against a small subset of possible security problems. Further, these particular problems are ones that have been under the microscope for some time and we are seeing them with decreased frequency as a whole. Further, only a small part of the software in Debian would benefit from it. non-x86 architectures would probably not benefit at all (can you even compile with StackGuard there?) I would say that if we are going to be putting effort into something, that the effort be put into code audit instead of StackGuard. That would be more likely to find and fix problems, and would not be so restricted in scope. -- John Goerzen Linux, Unix consulting & programming [EMAIL PROTECTED] | Developer, Debian GNU/Linux (Free powerful OS upgrade) www.debian.org | ----------------------------------------------------------------------------+ The 135,949th digit of pi is 3.
