Install-time "hardening" options

Ronald F. Guilmette rfg at
Fri Oct 13 01:09:13 UTC 2017

In message <12473. at>, 
"Valeri Galtsev" <galtsev at> wrote:

>On Thu, October 12, 2017 4:07 pm, Ronald F. Guilmette wrote:
>>>> (*) Insert stack guard page ahead of growable segments
>>>I personally have mixed feeling about this.
>> By all means, please elaborate.
>> Under what scenarios, if any, would the use of stack guards -not- be an
>> exceptionally desirable thing?  (I've already conceeded that
>> memory-limited
>> embedded uses are a special case.  But there are specialized distros for
>> that.)
>Well, I actually have a mixed feelings about stack guards themselves, I do
>not feel they give good protection for other memory areas, be those areas
>just few addresses away or far-far away.

Well, no single technique is going to solve everything, but I'd rather
have this one than nothing.

>But that must be just my
>ignorance, and you, as system architecture expert, are quite likely right,
>no matter what I feel like.

I have never and would never claim to be "architecture expert".  Even if
you were to catch me at my most braggadocious moment, I would only claim
to be the World's Second Foremost authority (on nothing in particular)
ranking just behind this fellow:

(Actually, now that he has passed away, earlier this year, I guess that
I can now lay claim to being the World's Foremost Authority.)

>Thanks for all your insights you have shared!



More information about the freebsd-questions mailing list