On Oct. 7, 2016, 10:15 p.m., Aaron Wood wrote:
> > (1) Do we need to make the `CXXFLAGS` conditional on being supported by the
> > current compiler? Seems like these flags are quite specific to (certain
> > versions of?) gcc/clang.
> >
> > (2) You should split this review into three separate reviews: a single
> > review should make changes to at most one of Mesos, libprocess, and stout.
> >
> > (3) What _specific_ attack vectors are these changes intended to prevent?

1. I believe the only flag that we need to watch out for with compatibility is the `-fstack-protector-strong`. Since Mesos currently requires GCC >= 4.8.1 I think we should be good with the rest. Since `-fstack-protector-strong` is supported in GCC >= 4.9 I propose that we require at least this version.
2. Will do that right now :)
3. Overall the changes here should help prevent buffer overflows, stack overflows, and general memory corruption attacks. Having position independent code/binaries will also better take advantage of address space layout randomization which makes it much harder to successfully perform exploits. This should ideally give us better protection from zero days as well.

- Aaron


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/52645/#review151886
-----------------------------------------------------------


On Oct. 7, 2016, 7:22 p.m., Aaron Wood wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/52645/
> -----------------------------------------------------------
>
> (Updated Oct. 7, 2016, 7:22 p.m.)
>
>
> Review request for mesos and Michael Park.
>
>
> Bugs: MESOS-6229
>     https://issues.apache.org/jira/browse/MESOS-6229
>
>
> Repository: mesos
>
>
> Description
> -------
>
> Use a default set of flags to provide additional security and hardening to
> Mesos. Additionally, check and catch more warnings/errors.
>
>
> Diffs
> -----
>
>   3rdparty/libprocess/Makefile.am 020b0e1
>   3rdparty/stout/Makefile.am fda069d
>   src/Makefile.am bfdb66a
>
> Diff: https://reviews.apache.org/r/52645/diff/
>
>
> Testing
> -------
>
> Compared the benchmarks with and without the flags being used. Also did a
> comparison with the flags being used with and without optimizations and
> without the flags being used with and without optimizations. Overall the
> performance hit was very small with a 3-8% overhead (optimizations bring
> this down slightly). Most benchmarks were about 5% (or less) slower.
>
>
> Thanks,
>
> Aaron Wood
>
>
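
Point (1) of the thread, making the hardening flags conditional on compiler support, sketched as an added example that is not part of the original messages or of the Mesos build. It probes the compiler the way a configure check would and falls back from `-fstack-protector-strong` to `-fstack-protector`; the function names and the `-fPIE` default are assumptions for illustration.

```shell
#!/bin/sh
# Added example (not Mesos build code): keep only the hardening flags that the
# chosen C++ compiler accepts, as configure-time probing would.

# flag_supported CXX FLAG: succeeds if CXX compiles a trivial file with FLAG.
flag_supported() {
  fs_dir=$(mktemp -d) || return 1
  printf 'int main() { return 0; }\n' > "$fs_dir/probe.cpp"
  # -Werror makes compilers that only warn about an unknown option fail too.
  "$1" -Werror "$2" -c "$fs_dir/probe.cpp" -o "$fs_dir/probe.o" >/dev/null 2>&1
  fs_rc=$?
  rm -rf "$fs_dir"
  return "$fs_rc"
}

# hardening_flags CXX [EXTRA_FLAG...]: prints the accepted flags on one line.
# EXTRA_FLAG defaults to -fPIE (assumed here; the thread names no PIE flag).
hardening_flags() {
  hf_cxx=$1
  shift
  [ "$#" -gt 0 ] || set -- -fPIE
  hf_out=""
  # Prefer -fstack-protector-strong (GCC >= 4.9 per the thread), then fall
  # back to the older -fstack-protector on compilers that reject it.
  for hf_flag in -fstack-protector-strong -fstack-protector; do
    if flag_supported "$hf_cxx" "$hf_flag"; then
      hf_out=$hf_flag
      break
    fi
  done
  for hf_flag in "$@"; do
    if flag_supported "$hf_cxx" "$hf_flag"; then
      hf_out="$hf_out${hf_out:+ }$hf_flag"
    fi
  done
  printf '%s\n' "$hf_out"
}

# Stand-alone use: report the flags for $CXX (or c++ if unset).
hardening_flags "${CXX:-c++}"
```

The printed line can be appended to `CXXFLAGS`, so a GCC 4.8 build still gets a stack protector instead of failing on an unknown option.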