zimoun <zimon.touto...@gmail.com> writes: > On Tue, 29 Mar 2022 at 12:15, Ludovic Courtès <l...@gnu.org> wrote: > >> Stack smashing protection (SSP) may incur measurable run-time >> overhead though so enabling that one by default may be less >> consensual. > > That’s true and it could be an issue for HPC practitioners. However, > quoting Wikipedia [1], for what it is worth: > > All Fedora packages are compiled with -fstack-protector since Fedora > Core 5, and -fstack-protector-strong since Fedora 20.[19][20] Most > packages in Ubuntu are compiled with -fstack-protector since 6.10.[21] > Every Arch Linux package is compiled with -fstack-protector since > 2011.[22] All Arch Linux packages built since 4 May 2014 use > -fstack-protector-strong.[23] Stack protection is only used for some > packages in Debian,[24] and only for the FreeBSD base system since > 8.0.[25] Stack protection is standard in certain operating systems, > including OpenBSD,[26] Hardened Gentoo[27] and DragonFly BSD.
For me at least, this is a compelling argument for also defaulting to more secure, but possibly slower, build flags. (Full disclosure: I would personally benefit from the security over performance model of defaults). But I think we should state our reasons plainly in the documentation, and provide an easy way for those who need performance to "recompile the world". -- Katherine
