Hi,
I just figured out you can build binaries with a gcc compiler with propolice stack-smashing protector and those binaries work fine on other machines, except that any buffer-overflow exploit is now turned into remote crashes at worst.
Since especially in this phase ff,tb and moz will be searched again and again for exploitable bugs this simple measure can take out the sting of the most often exploited class of bugs. At the acceptable cost of 1% performance loss.
# Han
build firefox, thunderbird and mozilla with propolice
-
- Posts: 3
- Joined: May 14th, 2004, 2:53 pm
-
- Posts: 3
- Joined: May 14th, 2004, 2:53 pm
Right.
http://www.research.ibm.com/trl/projects/security/ssp/
But since it's a gcc extension I don't think this is w32 related.
http://www.research.ibm.com/trl/projects/security/ssp/
But since it's a gcc extension I don't think this is w32 related.