Hi, On Tue, 29 Mar 2022 at 12:15, Ludovic Courtès <l...@gnu.org> wrote:
> Stack smashing protection (SSP) may incur measurable run-time overhead > though so enabling that one by default may be less consensual. That’s true and it could be an issue for HPC practitioners. However, quoting Wikipedia [1], for what it is worth: --8<---------------cut here---------------start------------->8--- All Fedora packages are compiled with -fstack-protector since Fedora Core 5, and -fstack-protector-strong since Fedora 20.[19][20] Most packages in Ubuntu are compiled with -fstack-protector since 6.10.[21] Every Arch Linux package is compiled with -fstack-protector since 2011.[22] All Arch Linux packages built since 4 May 2014 use -fstack-protector-strong.[23] Stack protection is only used for some packages in Debian,[24] and only for the FreeBSD base system since 8.0.[25] Stack protection is standard in certain operating systems, including OpenBSD,[26] Hardened Gentoo[27] and DragonFly BSD. --8<---------------cut here---------------end--------------->8--- Well, I miss if Guix is built using this ’-fstack-protector’ flag; or whether it is included by default. Cheers, simon 1: <https://en.wikipedia.org/wiki/Buffer_overflow_protection#GNU_Compiler_Collection_(GCC)>