Hello,
> Module Name: src
> Committed By: tron
> Date: Wed Nov 11 16:35:45 UTC 2009
>
> Modified Files:
> src/share/mk: bsd.sys.mk bsd.x11.mk
>
> Log Message:
> Enable Stack Smash Protection (SSP) by default for NetBSD/amd64 and
> NetBSD/i386 as previously discussed on the "port-amd64" and
> "port-i386" mailing lists. No objections from the core team.
My last impression from port-{i386|amd64} was that SSP wont be enabled.
I was not particularly keen to see this enabled by default in the kernel.
It hits performance * and makes code bigger. Point that it can find some
bugs is reasonable, but then why not enable it for, let's say, DIAGNOSTIC
option? Although it also makes assembly harder to read when debugging..
* 5% performance hit on build.sh is not really a small number to me.
--
Mindaugas
