ProPolice/SSP in 7.0

[Jeremie Le Hen]

Hi Gunther,

On Tue, Dec 25, 2007 at 04:38:54PM +0200, Gunther Mayer wrote:
>  Hi there,
> 
>  I'm still running 6.2 on various servers without any tweaks (GENERIC kernel, 
>  binary updates via freebsd-update etc.) but lots of ports (apache, 
>  postgresql, diablo-jdk etc.) and would like to use stack smashing protection 
>  in order to harden my boxes and avoid many potential exploits.
> 
>  I've known about ProPolice/SSP for a while now (from the Gentoo world) and 
>  am aware that FreeBSD 7.0 doesn't yet support it though I know of Jeremy Le 
>  Hen's patches (http://tataz.chchile.org/~tataz/FreeBSD/SSP/). Some time 
>  after 7.0 is released I'd like to upgrade and apply SSP throughout kernel, 
>  userland and ports while I'm at it. However, being an unsupported patchset 
>  and all, I have some concerns which I'd like some feedback on well before I 
>  embark on this project:
> 
>    1. Will FreeBSD ever support SSP natively?
>    2. How good is the kernel patch and how many people out there are
>       using it?

I can't tell myself about the quality of kernel bits, but at least I can
state that I'm sure in case of a stack-based buffer overflow, the kernel
will crash instead of being exploited.

>    3. Does using the kernel and userland patch mean that I am eternally
>       stuck to compiling from source if I want to keep SSP on all the
>       time (gone are the days of freebsd-update luxury)?
>    4. What's the story with libssp? Jeremy reckons that it's a lost
>       cause and causes more trouble than it's worth. Yet libssp seems to
>       be the only thing that actually fully integrated in 7.0

GNU libssp is provided in FreeBSD 7.0 but it is not used though because
libc already provides the required symbols
(lib/libc/sys/stack_protector.c).  I think GNU libssp is useful only
when compiling something without libc support (-nodefaultlibs).

Regards,
-- 
Jeremie Le Hen
< jeremie at le-hen dot org >< ttz at chchile dot org >