| Summary: | gcc-4.3.3-r2 should also be masked | ||
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | Hongjiu Zhang <voidprayer> |
| Component: | Hardened | Assignee: | The Gentoo Linux Hardened Team <hardened> |
| Status: | RESOLVED INVALID | ||
| Severity: | normal | ||
| Priority: | High | ||
| Version: | unspecified | ||
| Hardware: | x86 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
|
Description
Hongjiu Zhang
2009-06-08 11:40:49 UTC
It's not a bug. gcc-4.3.3-r2 is experimental on hardened profile with default enforcement of relro, bind now, pic/pie, fortify_source and -fno-strict-overflow. SSP has not been integrated yet. Sorry to keep on asking for more information. You said that gcc-4.3.3-r2 do not integrate SSP implementation. So if I want to experience gcc:4's SSP, I can only emerge gcc-4.3.2? And is it recommended to test the gcc-4 SSP on non-critical hardened system, like some nut people' laptops? Is it currently really helpful for official work? (In reply to comment #2) > Sorry to keep on asking for more information. You said that gcc-4.3.3-r2 do not > integrate SSP implementation. So if I want to experience gcc:4's SSP, I can > only emerge gcc-4.3.2? No, none of the gcc-4 implementations do SSP by default like hardened gcc-3.4.6 does. > > And is it recommended to test the gcc-4 SSP on non-critical hardened system, > like some nut people' laptops? Is it currently really helpful for official > work? > Well yeah.. it's testing/unstable marked right? So test on non-critical before deploying anywhere else of course. Yes, it's helpful... if people report successes or bugs they find. |
