ProPolice

ProPolice is a stack smashing protector developed by IBM and based on StackGuard.

It is a patch set for gcc designed to protect compiled applications from attacks that manipulate the stack (i.e., buffer overruns).

ProPolice will add the following options to gcc:

    -fstack-protector        : Enable stack protection for functions which contain
                               character arrays.

    -fno-stack-protector     : Disable use of stack protection (ProPolice).

    -fstack-protector-all    : Enable stack protection for all functions.

    -fno-stack-protector-all : Disable stack protection for all functions.

The stack protection provided by ProPolice is specifically for the C and C++ languages.
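
To see which functions each option instruments, the following added example (not part of the ProPolice patch set or its documentation) compiles a small constructed C file under three of the options and counts references to the guard failure handler in the generated assembly. It assumes `cc` is a GCC or Clang that supports these options and emits the handler under the name `__stack_chk_fail`; the file and function names are made up for the illustration.

```shell
#!/bin/sh
# Constructed sample: one function with a character array, one without.
write_sample() {
    cat > "$1" <<'EOF'
#include <string.h>

/* Has a character array: instrumented by -fstack-protector. */
size_t copy_name(const char *src) {
    char buf[64];
    strncpy(buf, src, sizeof buf - 1);
    buf[sizeof buf - 1] = '\0';
    return strlen(buf);
}

/* No arrays: instrumented only by -fstack-protector-all. */
int add(int a, int b) {
    return a + b;
}
EOF
}

# Compile the sample to assembly with the given flag and print how many
# lines of that assembly reference the guard failure handler.
guard_refs() {
    dir=$(mktemp -d) || return 1
    write_sample "$dir/sample.c"
    if ! ${CC:-cc} -O0 "$1" -S -o "$dir/sample.s" "$dir/sample.c"; then
        rm -rf "$dir"
        return 1
    fi
    # grep -c exits non-zero on a count of 0, so do not treat that as failure.
    count=$(grep -c '__stack_chk_fail' "$dir/sample.s" || true)
    rm -rf "$dir"
    echo "$count"
}

# The count is zero with protection off and grows as more functions are covered.
for flag in -fno-stack-protector -fstack-protector -fstack-protector-all; do
    printf '%-24s %s\n' "$flag" "$(guard_refs "$flag")"
done
```

A function missing from the `-fstack-protector` count, such as `add` here, has no guard check, which is the gap `-fstack-protector-all` closes.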

ProPolice is currently used by OpenBSD, DragonFly BSD and IPCop. It is also optionally available in Gentoo Linux with the hardened USE flag.
