I've read in slashdot (http://bsd.slashdot.org/article.pl?sid=02/12/02/2035207) that openbsd has included stack-smashing protection using the ProPolice (http://www.trl.ibm.com/projects/security/ssp/) patch for GCC 3.2
I think it would be a great idea to use this patch with debian too as soon as gcc becomes the compiler by default. Protecting the entire system from this kind of bugs would really be a great security step forward. Would somebody make some kind of statistics of how many of this year's bugs wouldn't have made the system vulnerable with this patch? Though there is about of 8% performane overhead I think it is worth using this. And more now that gcc makes programs about 8% faster ;-) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
