On 22 May 2009 at 13:32, basile wrote: > Paxtest doesn't cover everything, but it covers important checks and if > any fail there is definitely reason for concern.
just a sidenote, the ssp tests in paxtest were written to FAIL, not to succeed, since pax doesn't prevent overflows per se. if you want to assert the effectiveness of a particular ssp implementation, you'll have to write much more extensive tests.
