[fbsd] Integrating ProPolice/SSP into FreeBSD
Hugo Silva
hugo at barafranca.com
Sat Jun 10 16:36:12 UTC 2006
Jeremie Le Hen wrote:
> Hi list,
>
> I haven't got much feedback so far. I would be glad if any people
> who have been using this patch told be if they have been faced with
> some problems.
>
> Thank you
> Regards,
> Jeremie
>
> On Fri, May 26, 2006 at 05:34:22PM +0200, Jeremie Le Hen wrote:
>
>> Hi,
>>
>> first sorry for cross-posting but I thought this patch might interest
>> -CURRENT users as well as people concerned by security.
>>
>> I wrote a patch that integrates ProPolice/SSP into FreeBSD, one step
>> further than it has been realized so far.
>>
>> It is available here :
>> http://tataz.chchile.org/~tataz/FreeBSD/SSP/
>>
>> Everything is explained on the web page, but I will repeat some
>> informations here. The patchset is splitted in two parts to ease the
>> review of the patch. The -propolice patch is only the original
>> ProPolice patch for GCC 3.4.4 applied on FreeBSD source tree. The
>> -freebsd patch contains the glue I have written to make things neat.
>>
>> The patch exists in both for CURRENT and RELENG_6. Both introduce a
>> new make.conf(5) (and src.conf(5)) knob to enable stack protection
>> on a per Makefile basis. It if of course possible to compile your
>> world with it. Please refer to the web page for more informations.
>>
>> The patch has been tested and works pretty well. My laptop and my
>> workstation at work are compiled with SSP : world, kernel and ports,
>> including X.org.
>>
>> I hope you will enjoy it.
>> Regards,
>>
Been using this since you announced it here, no problems at all.
6.1-STABLE, kernel, ports, world built with SSP.
Best regards,
Hugo
More information about the freebsd-security
mailing list