[CFT] SSP Package Repository available
Bryan Drewery
bdrewery at FreeBSD.org
Thu Aug 21 15:58:55 UTC 2014
On 8/21/2014 9:31 AM, Jerry wrote:
> On Thu, 21 Aug 2014 16:05:46 +0200, Mathias Picker stated:
>
>> On Mi, 2014-08-20 at 11:34 -0500, Bryan Drewery wrote:
>>> On 9/21/2013 5:49 AM, Bryan Drewery wrote:
>>>> Ports now support enabling Stack Protector [1] support on FreeBSD 10
>>>> i386 and amd64, and older releases on amd64 only currently.
>>>>
>>>> Support may be added for earlier i386 releases once all ports properly
>>>> respect LDFLAGS.
>>>>
>>>> To enable, just add WITH_SSP=yes to your make.conf and rebuild all ports.
>>>>
>>>> The default SSP_CLFAGS is -fstack-protector, but -fstack-protector-all
>>>> may optionally be set instead.
>>>>
>>>> Please help test this on your system. We would like to eventually enable
>>>> this by default, but need to identify any major ports that have run-time
>>>> issues due to it.
>>>>
>>>> [1] https://en.wikipedia.org/wiki/Buffer_overflow_protection
>
> I always build my own ports, I don't use pre-compiled packages. If I place
> "WITH_SSP=yes" in the /etc/make.conf" file, do I still have to rebuild all
> the ports on my system? I am running FreeBSD-10 amd64.
>
Only things built after adding WITH_SSP_PORTS=yes will have SSP enabled.
(WITH_SSP works too but is not the official name anymore).
--
Regards,
Bryan Drewery
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-ports/attachments/20140821/f364d37e/attachment.sig>
More information about the freebsd-ports
mailing list