> John Summerfield <[EMAIL PROTECTED]> writes:
>
> > One thing I do not understand; why has stackguard (or similar) not been
> > incorporated into gcc 2.95 and/or egcs?
>
> Well, for one thing, not all programs will work with stackguard. Most
> notably, the Linux kernel.
That's mentioned in the Stackguard documentation
>
> But that could be fixed by having it as an option. The real reason
There is such an option
> (since I can't find any others on the gcc mailing lists) is probably
> that it hasn't been officially contributed with legal papers signing
> the copyright over to the FSF.
I don't have it here any more; it fell victim to my cleanup with I decided
I'd go to gcc 2.95 on my workstation & mostly egcs on RHL 5.x, so I can't
easily check. However, I thought that
1 The fact of gcc being GPL means that other authors can't make changes
and distribute under any other licence.
2 If there be some reason I'm wrong, then what prevents it being
reingineered? It needs to in any event to fit new compilers - it is
specific to gcc 2.7 or thereabouts.
> > A program that works is much more useful than a faster program that
> > doesn't.
>
> But stackguard doesn't guarantee that your program works, just that if
> it doesn't, it's less likely to allow an attacker to cause damage.
Nothing guarantees absolutely that any significant program works. That's
no excuse not to reduce the likelihood of problems.
In chess, a castled king is usually safer than an uncastled one; it
doesn't prevent it from being checkmated though, its position at the side,
hiding behind pawns and knight just helps keep it safe.
Similarly, I prefer authors of programs I depend on take all reasonable
measures. I have seen reports on RHS lists of problems that would
(according to its authors) have been avoided by using the stackguard
enabled compiler.
After all, one of the functions of a compiler is supposedly to protect
programmers (and their users) from their stupidity.
--
Cheers
John Summerfield
http://os2.ami.com.au/os2/ for OS/2 support.
Configuration, networking, combined IBM ftpsites index.
--
To unsubscribe:
mail -s unsubscribe [EMAIL PROTECTED] < /dev/null