[prev in list] [next in list] [prev in thread] [next in thread] 

List:       gentoo-dev
Subject:    Re: [gentoo-dev] Stack smash protected daemons
From:       Thierry Carrez <koon () gentoo ! org>
Date:       2004-09-27 8:02:54
Message-ID: 4157C92E.1090407 () gentoo ! org
[Download RAW message or body]


Ciaran McCreesh wrote:

> Eh, whatever. It seems that certain people are obsessed with screwing
> over our users by default for little gain, and somehow have this strange
> notion that anything which has the word security in it is suddenly of
> vital importance at the expense of absolutely everything else.
> 
> But hey, it's 'security', so it must be right! *sigh*

No, security is just a trade-off. You evaluate a specific countermeasure
based on what you're trying to protect, how the solution mitigates that
risk, what other risks it creates and what other trade-offs it requires.

Here you're trying to protect your computer from being abused, be it for
the information is contains (get information about you) or the computing
power it offers (host porn or send spam with your resources). Overflows
represent a significant percentage of attack vectors, and most of them
are prevented using the SSP "band-aid", pending a thorough audit of all
software used. What other risks does it create ? None significant I can
think of. What other trade-offs does it require ? A slight performance
hit and SSP compatibility bugs entering bugzilla.

So is it worth it ? It obviously depends on you. I would say yes, not
because there is the word 'security' on it, but because my analysis
tells me that the slight performance hit is worth the added security,
and I think we can support SSP specific bugs. You would say no.

-- 
Koon
Gentoo Linux Security Team

["signature.asc" (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]