Integrating ProPolice/SSP into FreeBSD
Kris Kennaway
kris at obsecurity.org
Fri May 26 11:49:37 PDT 2006
On Fri, May 26, 2006 at 07:41:31PM +0100, Robert Watson wrote:
>
> On Fri, 26 May 2006, Jeremie Le Hen wrote:
>
> >first sorry for cross-posting but I thought this patch might interest
> >-CURRENT users as well as people concerned by security.
> >
> >I wrote a patch that integrates ProPolice/SSP into FreeBSD, one step
> >further than it has been realized so far.
>
> This looks very neat.
>
> Could you remind me what, if any, ABI issues might exist? I'm familiar
> with the ideas behind ProPolice, but not the implementation. Can I use
> SSP-compied libraries with pre-SSP applications? Can I use post-SSP
> applications with pre-SSP binaries?
Last time I tried it (several years ago, when I maintained my own
local patch for world integration), backwards binary compatibility was
an issue, i.e. it was possible to hose your system when trying to
revert the changes (since all rebuilt binaries all depend on symbols
no longer provided in libc).
Kris
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20060526/1bd7d71c/attachment.pgp
More information about the freebsd-security
mailing list