This is the mail archive of the
libc-help@sourceware.org
mailing list for the glibc project.
Re: -fno-stack-protector
Mike Frysinger <vapier@gentoo.org> wrote:
> On Monday 05 May 2008, Mark Seaborn wrote:
> > It would be useful if glibc knew how to turn gcc's stack-protector
> > option off. This patch should do the trick. If -fno-stack-protector
> > is available it adds it to CFLAGS:
>
> ugh, no. this is the opposite of what we should do. glibc should
> detect that it's being built with SSP and so account for it. we
> build glibc with SSP in Hardened Gentoo. we havent bothered posting
> the changes to the libc lists though as we've always been told that
> what we want to do (build glibc with SSP) is stupid.
OK, I found the changes you were referring to. This file makes ld.so
build with -fstack-protector:
http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-libs/glibc/files/2.6/glibc-2.6-gentoo-stack_chk_fail.c?rev=1.4&view=markup
and this adds it into the glibc source tree:
http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-libs/glibc/glibc-2.7.ebuild?rev=1.12&view=markup
Not sure I like the idea of having ld.so know about syslog.
I think you should post changes like this. It helps the rest of us
understand glibc if nothing else.
Cheers,
Mark