Dnia 2014-01-09, o godz. 17:06:52 "Anthony G. Basile" <bluen...@gentoo.org> napisał(a):
> On 01/09/2014 04:57 PM, Pacho Ramos wrote: > > What are the advantages of disabling SSP to deserve that "special" > > handling via USE flag or easily disabling it appending the flag? > > There are some cases where ssp could break things. I know of once case > right now, but its somewhat exotic. Also, sometimes we *want* to break > things for testing. I'm thinking here of instance where we want to test > a pax hardened kernel to see if it catches abuses of memory which would > otherwise be caught by executables emitted from a hardened toolchain. > Take a look at the app-admin/paxtest suite. Just to be clear, are we talking about potential system-wide breakage or single, specific packages being broken by SSP? In other words, are there cases when people will really want to disable SSP completely? Unless I'm misunderstanding something, your examples sound like you just want -fno-stack-protector per-package. I don't really think you actually want to rebuild whole gcc just to do some testing on a single package... -- Best regards, Michał Górny
signature.asc
Description: PGP signature
