building with WITHOUT_SSP side effect

classic Classic list List threaded Threaded
9 messages Options
Reply | Threaded
Open this post in threaded view
|

building with WITHOUT_SSP side effect

freebsd-hackers mailing list
Greetings,

I've builded 11-stable ( 11.2-STABLE  r344696) from source with option
WITHOUT_SSP="yes" in src.conf.

Installing kernel and world was OK. But  when I tried to build from port it give me an error:
configure: error: in `/usr/ports/ports-mgmt/pkg/work/pkg-1.10.5':
configure: error: C compiler cannot create executables

config.log:
...
configure:3555: cc -v >&5
FreeBSD clang version 7.0.1 (tags/RELEASE_701/final 349250) (based on LLVM 7.0.1)
Target: x86_64-unknown-freebsd11.2
...
configure:3608: cc -O2 -pipe  -Wno-error -fno-strict-aliasing     conftest.c  >&5
/usr/bin/ld: cannot find /usr/lib/libssp_nonshared.a
cc: error: linker command failed with exit code 1 (use -v to see invocation)

And yes, there is SSP_UNSAFE=yes in make.conf

Is this a bug or feature?

--
Best regards,
 Anthony Pankov                         mailto:[hidden email]

_______________________________________________
[hidden email] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[hidden email]"
Reply | Threaded
Open this post in threaded view
|

Re: building with WITHOUT_SSP side effect

freebsd-hackers mailing list
It  seems  that  world  builded with  WITHOUT_SSP=yes loose ability to
build anything.

# cc -v test.c
FreeBSD clang version 7.0.1 (tags/RELEASE_701/final 349250) (based on LLVM 7.0.1)
Target: x86_64-unknown-freebsd11.2
Thread model: posix
InstalledDir: /usr/bin
 "/usr/bin/cc" -cc1 -triple x86_64-unknown-freebsd11.2 -emit-obj -mrelax-all -disable-free -disable-llvm-verifier -discard-value-names -main-file-name test.c -mrelocation-model static -mthread-model posix -mdisable-fp-elim -masm-verbose -mconstructor-aliases -munwind-tables -target-cpu x86-64 -dwarf-column-info -debugger-tuning=gdb -v -resource-dir /usr/lib/clang/7.0.1 -fdebug-compilation-dir /root/test -ferror-limit 19 -fmessage-length 90 -fobjc-runtime=gnustep -fdiagnostics-show-option -fcolor-diagnostics -o /tmp/test-d853d1.o -x c test.c -faddrsig
clang -cc1 version 7.0.1 based upon LLVM 7.0.1 default target x86_64-unknown-freebsd11.2
#include "..." search starts here:
#include <...> search starts here:
 /usr/lib/clang/7.0.1/include
 /usr/include
End of search list.
 "/usr/bin/ld" --eh-frame-hdr -dynamic-linker /libexec/ld-elf.so.1 --hash-style=both --enable-new-dtags -o a.out /usr/lib/crt1.o /usr/lib/crti.o /usr/lib/crtbegin.o -L/usr/lib /tmp/test-d853d1.o -lgcc --as-needed -lgcc_s --no-as-needed -lc -lgcc --as-needed -lgcc_s --no-as-needed /usr/lib/crtend.o /usr/lib/crtn.o
/usr/bin/ld: cannot find /usr/lib/libssp_nonshared.a


> Greetings,

> I've builded 11-stable ( 11.2-STABLE  r344696) from source with option
> WITHOUT_SSP="yes" in src.conf.

> Installing kernel and world was OK. But  when I tried to build from port it give me an error:
> configure: error: in `/usr/ports/ports-mgmt/pkg/work/pkg-1.10.5':
> configure: error: C compiler cannot create executables

> config.log:
> ...
> configure:3555: cc -v >&5
> FreeBSD clang version 7.0.1 (tags/RELEASE_701/final 349250) (based on LLVM 7.0.1)
> Target: x86_64-unknown-freebsd11.2
> ...
> configure:3608: cc -O2 -pipe  -Wno-error -fno-strict-aliasing     conftest.c  >&5
> /usr/bin/ld: cannot find /usr/lib/libssp_nonshared.a
> cc: error: linker command failed with exit code 1 (use -v to see invocation)

> And yes, there is SSP_UNSAFE=yes in make.conf

> Is this a bug or feature?




--
Best regards,
 Anthony Pankov                         mailto:[hidden email]

_______________________________________________
[hidden email] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[hidden email]"
Reply | Threaded
Open this post in threaded view
|

Re: building with WITHOUT_SSP side effect

Konstantin Belousov
On Mon, Mar 04, 2019 at 07:56:02PM +0300, Anthony Pankov via freebsd-hackers wrote:

> It  seems  that  world  builded with  WITHOUT_SSP=yes loose ability to
> build anything.
>
> # cc -v test.c
> FreeBSD clang version 7.0.1 (tags/RELEASE_701/final 349250) (based on LLVM 7.0.1)
> Target: x86_64-unknown-freebsd11.2
> Thread model: posix
> InstalledDir: /usr/bin
>  "/usr/bin/cc" -cc1 -triple x86_64-unknown-freebsd11.2 -emit-obj -mrelax-all -disable-free -disable-llvm-verifier -discard-value-names -main-file-name test.c -mrelocation-model static -mthread-model posix -mdisable-fp-elim -masm-verbose -mconstructor-aliases -munwind-tables -target-cpu x86-64 -dwarf-column-info -debugger-tuning=gdb -v -resource-dir /usr/lib/clang/7.0.1 -fdebug-compilation-dir /root/test -ferror-limit 19 -fmessage-length 90 -fobjc-runtime=gnustep -fdiagnostics-show-option -fcolor-diagnostics -o /tmp/test-d853d1.o -x c test.c -faddrsig
> clang -cc1 version 7.0.1 based upon LLVM 7.0.1 default target x86_64-unknown-freebsd11.2
> #include "..." search starts here:
> #include <...> search starts here:
>  /usr/lib/clang/7.0.1/include
>  /usr/include
> End of search list.
>  "/usr/bin/ld" --eh-frame-hdr -dynamic-linker /libexec/ld-elf.so.1 --hash-style=both --enable-new-dtags -o a.out /usr/lib/crt1.o /usr/lib/crti.o /usr/lib/crtbegin.o -L/usr/lib /tmp/test-d853d1.o -lgcc --as-needed -lgcc_s --no-as-needed -lc -lgcc --as-needed -lgcc_s --no-as-needed /usr/lib/crtend.o /usr/lib/crtn.o
> /usr/bin/ld: cannot find /usr/lib/libssp_nonshared.a
It seems that you installed without specifying WITHOUT_SSP, which
ended up installing wrong linker script as libc.a.  Either create dummy
libssp_nonshared.a, or reinstall libc.a (look at lib/libc/Makefile for
SHLIB_LDSCRIPT), or reinstall the world.

>
>
> > Greetings,
>
> > I've builded 11-stable ( 11.2-STABLE  r344696) from source with option
> > WITHOUT_SSP="yes" in src.conf.
>
> > Installing kernel and world was OK. But  when I tried to build from port it give me an error:
> > configure: error: in `/usr/ports/ports-mgmt/pkg/work/pkg-1.10.5':
> > configure: error: C compiler cannot create executables
>
> > config.log:
> > ...
> > configure:3555: cc -v >&5
> > FreeBSD clang version 7.0.1 (tags/RELEASE_701/final 349250) (based on LLVM 7.0.1)
> > Target: x86_64-unknown-freebsd11.2
> > ...
> > configure:3608: cc -O2 -pipe  -Wno-error -fno-strict-aliasing     conftest.c  >&5
> > /usr/bin/ld: cannot find /usr/lib/libssp_nonshared.a
> > cc: error: linker command failed with exit code 1 (use -v to see invocation)
>
> > And yes, there is SSP_UNSAFE=yes in make.conf
>
> > Is this a bug or feature?
>
>
>
>
> --
> Best regards,
>  Anthony Pankov                         mailto:[hidden email]
>
> _______________________________________________
> [hidden email] mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> To unsubscribe, send any mail to "[hidden email]"
_______________________________________________
[hidden email] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[hidden email]"
Reply | Threaded
Open this post in threaded view
|

Re: building with WITHOUT_SSP side effect

freebsd-hackers mailing list
Thank you for reply,

Do you mean that I must install world explicity as

make installworld WITHOUT_SSP=yes

and  the same string in src.conf is not enough? I'm sure that I didn't
touch src.conf between 'buildworld' and 'installworld'.


> On Mon, Mar 04, 2019 at 07:56:02PM +0300, Anthony Pankov via freebsd-hackers wrote:
>> It  seems  that  world  builded with  WITHOUT_SSP=yes loose ability to
>> build anything.
>>
>> # cc -v test.c
>> FreeBSD clang version 7.0.1 (tags/RELEASE_701/final 349250) (based on LLVM 7.0.1)
>> Target: x86_64-unknown-freebsd11.2
>> Thread model: posix
>> InstalledDir: /usr/bin
>>  "/usr/bin/cc" -cc1 -triple x86_64-unknown-freebsd11.2 -emit-obj -mrelax-all -disable-free -disable-llvm-verifier -discard-value-names -main-file-name test.c -mrelocation-model static -mthread-model posix -mdisable-fp-elim -masm-verbose -mconstructor-aliases -munwind-tables -target-cpu x86-64 -dwarf-column-info -debugger-tuning=gdb -v -resource-dir /usr/lib/clang/7.0.1 -fdebug-compilation-dir /root/test -ferror-limit 19 -fmessage-length 90 -fobjc-runtime=gnustep -fdiagnostics-show-option -fcolor-diagnostics -o /tmp/test-d853d1.o -x c test.c -faddrsig
>> clang -cc1 version 7.0.1 based upon LLVM 7.0.1 default target x86_64-unknown-freebsd11.2
>> #include "..." search starts here:
>> #include <...> search starts here:
>>  /usr/lib/clang/7.0.1/include
>>  /usr/include
>> End of search list.
>>  "/usr/bin/ld" --eh-frame-hdr -dynamic-linker /libexec/ld-elf.so.1 --hash-style=both --enable-new-dtags -o a.out /usr/lib/crt1.o /usr/lib/crti.o /usr/lib/crtbegin.o -L/usr/lib /tmp/test-d853d1.o -lgcc --as-needed -lgcc_s --no-as-needed -lc -lgcc --as-needed -lgcc_s --no-as-needed /usr/lib/crtend.o /usr/lib/crtn.o
>> /usr/bin/ld: cannot find /usr/lib/libssp_nonshared.a
> It seems that you installed without specifying WITHOUT_SSP, which
> ended up installing wrong linker script as libc.a.  Either create dummy
> libssp_nonshared.a, or reinstall libc.a (look at lib/libc/Makefile for
> SHLIB_LDSCRIPT), or reinstall the world.

>>
>>
>> > Greetings,
>>
>> > I've builded 11-stable ( 11.2-STABLE  r344696) from source with option
>> > WITHOUT_SSP="yes" in src.conf.
>>
>> > Installing kernel and world was OK. But  when I tried to build from port it give me an error:
>> > configure: error: in `/usr/ports/ports-mgmt/pkg/work/pkg-1.10.5':
>> > configure: error: C compiler cannot create executables
>>
>> > config.log:
>> > ...
>> > configure:3555: cc -v >&5
>> > FreeBSD clang version 7.0.1 (tags/RELEASE_701/final 349250) (based on LLVM 7.0.1)
>> > Target: x86_64-unknown-freebsd11.2
>> > ...
>> > configure:3608: cc -O2 -pipe  -Wno-error -fno-strict-aliasing     conftest.c  >&5
>> > /usr/bin/ld: cannot find /usr/lib/libssp_nonshared.a
>> > cc: error: linker command failed with exit code 1 (use -v to see invocation)
>>
>> > And yes, there is SSP_UNSAFE=yes in make.conf
>>
>> > Is this a bug or feature?
>>
>>
>>
>>
>> --
>> Best regards,
>>  Anthony Pankov                         mailto:[hidden email]
>>
>> _______________________________________________
>> [hidden email] mailing list
>> https://lists.freebsd.org/mailman/listinfo/freebsd-hackers
>> To unsubscribe, send any mail to "[hidden email]"
> _______________________________________________
> [hidden email] mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> To unsubscribe, send any mail to
> "[hidden email]"



--
С уважением,
 Anthony                          mailto:[hidden email]

_______________________________________________
[hidden email] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[hidden email]"
Reply | Threaded
Open this post in threaded view
|

Re: building with WITHOUT_SSP side effect

Konstantin Belousov
On Mon, Mar 04, 2019 at 08:31:33PM +0300, Anthony Pankov wrote:
> Thank you for reply,
>
> Do you mean that I must install world explicity as
>
> make installworld WITHOUT_SSP=yes
>
> and  the same string in src.conf is not enough? I'm sure that I didn't
> touch src.conf between 'buildworld' and 'installworld'.
Check your /usr/lib/libc.a, if it mentions libssp_nonshared.a then
you have something broken.

>
>
> > On Mon, Mar 04, 2019 at 07:56:02PM +0300, Anthony Pankov via freebsd-hackers wrote:
> >> It  seems  that  world  builded with  WITHOUT_SSP=yes loose ability to
> >> build anything.
> >>
> >> # cc -v test.c
> >> FreeBSD clang version 7.0.1 (tags/RELEASE_701/final 349250) (based on LLVM 7.0.1)
> >> Target: x86_64-unknown-freebsd11.2
> >> Thread model: posix
> >> InstalledDir: /usr/bin
> >>  "/usr/bin/cc" -cc1 -triple x86_64-unknown-freebsd11.2 -emit-obj -mrelax-all -disable-free -disable-llvm-verifier -discard-value-names -main-file-name test.c -mrelocation-model static -mthread-model posix -mdisable-fp-elim -masm-verbose -mconstructor-aliases -munwind-tables -target-cpu x86-64 -dwarf-column-info -debugger-tuning=gdb -v -resource-dir /usr/lib/clang/7.0.1 -fdebug-compilation-dir /root/test -ferror-limit 19 -fmessage-length 90 -fobjc-runtime=gnustep -fdiagnostics-show-option -fcolor-diagnostics -o /tmp/test-d853d1.o -x c test.c -faddrsig
> >> clang -cc1 version 7.0.1 based upon LLVM 7.0.1 default target x86_64-unknown-freebsd11.2
> >> #include "..." search starts here:
> >> #include <...> search starts here:
> >>  /usr/lib/clang/7.0.1/include
> >>  /usr/include
> >> End of search list.
> >>  "/usr/bin/ld" --eh-frame-hdr -dynamic-linker /libexec/ld-elf.so.1 --hash-style=both --enable-new-dtags -o a.out /usr/lib/crt1.o /usr/lib/crti.o /usr/lib/crtbegin.o -L/usr/lib /tmp/test-d853d1.o -lgcc --as-needed -lgcc_s --no-as-needed -lc -lgcc --as-needed -lgcc_s --no-as-needed /usr/lib/crtend.o /usr/lib/crtn.o
> >> /usr/bin/ld: cannot find /usr/lib/libssp_nonshared.a
> > It seems that you installed without specifying WITHOUT_SSP, which
> > ended up installing wrong linker script as libc.a.  Either create dummy
> > libssp_nonshared.a, or reinstall libc.a (look at lib/libc/Makefile for
> > SHLIB_LDSCRIPT), or reinstall the world.
>
> >>
> >>
> >> > Greetings,
> >>
> >> > I've builded 11-stable ( 11.2-STABLE  r344696) from source with option
> >> > WITHOUT_SSP="yes" in src.conf.
> >>
> >> > Installing kernel and world was OK. But  when I tried to build from port it give me an error:
> >> > configure: error: in `/usr/ports/ports-mgmt/pkg/work/pkg-1.10.5':
> >> > configure: error: C compiler cannot create executables
> >>
> >> > config.log:
> >> > ...
> >> > configure:3555: cc -v >&5
> >> > FreeBSD clang version 7.0.1 (tags/RELEASE_701/final 349250) (based on LLVM 7.0.1)
> >> > Target: x86_64-unknown-freebsd11.2
> >> > ...
> >> > configure:3608: cc -O2 -pipe  -Wno-error -fno-strict-aliasing     conftest.c  >&5
> >> > /usr/bin/ld: cannot find /usr/lib/libssp_nonshared.a
> >> > cc: error: linker command failed with exit code 1 (use -v to see invocation)
> >>
> >> > And yes, there is SSP_UNSAFE=yes in make.conf
> >>
> >> > Is this a bug or feature?
> >>
> >>
> >>
> >>
> >> --
> >> Best regards,
> >>  Anthony Pankov                         mailto:[hidden email]
> >>
> >> _______________________________________________
> >> [hidden email] mailing list
> >> https://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> >> To unsubscribe, send any mail to "[hidden email]"
> > _______________________________________________
> > [hidden email] mailing list
> > https://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> > To unsubscribe, send any mail to
> > "[hidden email]"
>
>
>
> --
> С уважением,
>  Anthony                          mailto:[hidden email]
>
_______________________________________________
[hidden email] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[hidden email]"
Reply | Threaded
Open this post in threaded view
|

Re: building with WITHOUT_SSP side effect

freebsd-hackers mailing list
I have looked on it and found no ssp entries:

ar t /usr/lib/libc.a |grep ssp

wcsspn.o
readpassphrase.o

P.S.
touch  /usr/lib/libssp_nonshared.a

is a cure. But it seems weird.


> On Mon, Mar 04, 2019 at 08:31:33PM +0300, Anthony Pankov wrote:
>> Thank you for reply,
>>
>> Do you mean that I must install world explicity as
>>
>> make installworld WITHOUT_SSP=yes
>>
>> and  the same string in src.conf is not enough? I'm sure that I didn't
>> touch src.conf between 'buildworld' and 'installworld'.
> Check your /usr/lib/libc.a, if it mentions libssp_nonshared.a then
> you have something broken.

>>
>>
>> > On Mon, Mar 04, 2019 at 07:56:02PM +0300, Anthony Pankov via freebsd-hackers wrote:
>> >> It  seems  that  world  builded with  WITHOUT_SSP=yes loose ability to
>> >> build anything.
>> >>
>> >> # cc -v test.c
>> >> FreeBSD clang version 7.0.1 (tags/RELEASE_701/final 349250) (based on LLVM 7.0.1)
>> >> Target: x86_64-unknown-freebsd11.2
>> >> Thread model: posix
>> >> InstalledDir: /usr/bin
>> >>  "/usr/bin/cc" -cc1 -triple x86_64-unknown-freebsd11.2 -emit-obj -mrelax-all -disable-free -disable-llvm-verifier -discard-value-names -main-file-name test.c -mrelocation-model static -mthread-model posix -mdisable-fp-elim -masm-verbose -mconstructor-aliases -munwind-tables -target-cpu x86-64 -dwarf-column-info -debugger-tuning=gdb -v -resource-dir /usr/lib/clang/7.0.1 -fdebug-compilation-dir /root/test -ferror-limit 19 -fmessage-length 90 -fobjc-runtime=gnustep -fdiagnostics-show-option -fcolor-diagnostics -o /tmp/test-d853d1.o -x c test.c -faddrsig
>> >> clang -cc1 version 7.0.1 based upon LLVM 7.0.1 default target x86_64-unknown-freebsd11.2
>> >> #include "..." search starts here:
>> >> #include <...> search starts here:
>> >>  /usr/lib/clang/7.0.1/include
>> >>  /usr/include
>> >> End of search list.
>> >>  "/usr/bin/ld" --eh-frame-hdr -dynamic-linker /libexec/ld-elf.so.1 --hash-style=both --enable-new-dtags -o a.out /usr/lib/crt1.o /usr/lib/crti.o /usr/lib/crtbegin.o -L/usr/lib /tmp/test-d853d1.o -lgcc --as-needed -lgcc_s --no-as-needed -lc -lgcc --as-needed -lgcc_s --no-as-needed /usr/lib/crtend.o /usr/lib/crtn.o
>> >> /usr/bin/ld: cannot find /usr/lib/libssp_nonshared.a
>> > It seems that you installed without specifying WITHOUT_SSP, which
>> > ended up installing wrong linker script as libc.a.  Either create dummy
>> > libssp_nonshared.a, or reinstall libc.a (look at lib/libc/Makefile for
>> > SHLIB_LDSCRIPT), or reinstall the world.
>>
>> >>
>> >>
>> >> > Greetings,
>> >>
>> >> > I've builded 11-stable ( 11.2-STABLE  r344696) from source with option
>> >> > WITHOUT_SSP="yes" in src.conf.
>> >>
>> >> > Installing kernel and world was OK. But  when I tried to build from port it give me an error:
>> >> > configure: error: in `/usr/ports/ports-mgmt/pkg/work/pkg-1.10.5':
>> >> > configure: error: C compiler cannot create executables
>> >>
>> >> > config.log:
>> >> > ...
>> >> > configure:3555: cc -v >&5
>> >> > FreeBSD clang version 7.0.1 (tags/RELEASE_701/final 349250) (based on LLVM 7.0.1)
>> >> > Target: x86_64-unknown-freebsd11.2
>> >> > ...
>> >> > configure:3608: cc -O2 -pipe  -Wno-error -fno-strict-aliasing     conftest.c  >&5
>> >> > /usr/bin/ld: cannot find /usr/lib/libssp_nonshared.a
>> >> > cc: error: linker command failed with exit code 1 (use -v to see invocation)
>> >>
>> >> > And yes, there is SSP_UNSAFE=yes in make.conf
>> >>
>> >> > Is this a bug or feature?
>> >>
>> >>
>> >>
>> >>
>> >> --
>> >> Best regards,
>> >>  Anthony Pankov                         mailto:[hidden email]
>> >>
>> >> _______________________________________________
>> >> [hidden email] mailing list
>> >> https://lists.freebsd.org/mailman/listinfo/freebsd-hackers
>> >> To unsubscribe, send any mail to "[hidden email]"
>> > _______________________________________________
>> > [hidden email] mailing list
>> > https://lists.freebsd.org/mailman/listinfo/freebsd-hackers
>> > To unsubscribe, send any mail to
>> > "[hidden email]"
>>
>>
>>
>> --
>> С уважением,
>>  Anthony                          mailto:[hidden email]
>>
> _______________________________________________
> [hidden email] mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> To unsubscribe, send any mail to
> "[hidden email]"



--
С уважением,
 Anthony                          mailto:[hidden email]

_______________________________________________
[hidden email] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[hidden email]"
Reply | Threaded
Open this post in threaded view
|

Re: building with WITHOUT_SSP side effect

Shawn Webb-3
I'm curious about your use case for building without stack cookies.

Thanks,

--
Shawn Webb
Cofounder and Security Engineer
HardenedBSD

Tor-ified Signal:    +1 443-546-8752
Tor+XMPP+OTR:        [hidden email]
GPG Key ID:          0x6A84658F52456EEE
GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89  3D9E 6A84 658F 5245 6EEE

On Mon, Mar 04, 2019 at 08:56:34PM +0300, Anthony Pankov via freebsd-hackers wrote:

> I have looked on it and found no ssp entries:
>
> ar t /usr/lib/libc.a |grep ssp
>
> wcsspn.o
> readpassphrase.o
>
> P.S.
> touch  /usr/lib/libssp_nonshared.a
>
> is a cure. But it seems weird.

signature.asc (849 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: building with WITHOUT_SSP side effect

freebsd-hackers mailing list
In  my  case  no  applications  from  the  base  "world" listen to the
internet (no open ports from syslogd, bind, sendmail, etc). Also there
is no public login to servers.

So  I  see  SSP  as  waste of billions and billions instruction. The
probability  of  joint  events: the known user become an evil hacker
AND  the  weakest point is the buffer overflow in systems base world -
is  near  zero.  At  least  because weakest point can be obtained more
easily from misconfiguration, additional packages etc.

The   idea   was   to  throw  out  SSP  from kernel and base world but
fortify  sshd,  postfix etc. But things went not as smooth as desired.

> I'm curious about your use case for building without stack cookies.

> Thanks,

--
Best regards,
 Anthony Pankov                          mailto:[hidden email]

_______________________________________________
[hidden email] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[hidden email]"
Reply | Threaded
Open this post in threaded view
|

Re: building with WITHOUT_SSP side effect

freebsd-hackers mailing list
In reply to this post by Shawn Webb-3
Shawn Webb <[hidden email]> wrote:

> I'm curious about your use case for building without stack cookies.

GPL ?
_______________________________________________
[hidden email] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[hidden email]"