If you visit my blog you may recall I blogged about feature request for enabling stack-smashing protection in Arch Linux. I had created feature request in Arch Linux bug tracker in March 2010. As you can see this initiated some discussions and finally, after almost 1,5 year they decided to go for it! The default compilation flags have been changed to use stack protector and main toolchain packages were recompiled; other packages will follow with new releases. For now the change is in [testing] repo and should become available in [core] in a few weeks.
So, rejoice Arch users! Unfortunately me personally will not benefit from it since I stopped using Arch some time ago - GNOME 3.0 release (which ruined my desktop experience) and power-off issues caused by updates made me look for a more reliable system (which is Debian Squeeze at the moment). I must admit however that I miss Arch a lot, and the acceptance of stack protector reminds me of it...
BTW, Debian still doesn't take advantage of GCC's stack protector, which is a pitty. Fortunately, Debian security team is aware of this and they plan to enable hardening features in Debian Wheezy.
No comments:
Post a Comment