Diff for "ProPolice"

Differences between revisions 1 and 2
Revision 1 as of 2005-05-31 07:47:57
Size: 1239
Editor: cpe-24-221-143-167
Comment:
Revision 2 as of 2008-05-16 05:53:32
Size: 1239
Editor: localhost
Comment: converted to 1.6 markup
Line 26: Line 26:
  '''IBM's Page:''' http://www.research.ibm.com/trl/projects/security/ssp/ [[BR]]
  '''Hardened Gentoo:''' http://www.gentoo.org/proj/en/hardened/ [[BR]]
  '''OpenBSD:''' http://www.openbsd.org [[BR]]
  '''IBM's Page:''' http://www.research.ibm.com/trl/projects/security/ssp/ <<BR>>
  '''Hardened Gentoo:''' http://www.gentoo.org/proj/en/hardened/ <<BR>>
  '''OpenBSD:''' http://www.openbsd.org <<BR>>
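Review bot: the converted line 26 still lays out its three links with a forced break after each one, including a trailing <<BR>> after the last link ('''OpenBSD:'''), where nothing follows on the line. Since this revision already rewrites the line for the 1.6 markup, a three-item bullet list would remove the dependency on the BR macro altogether. The three URLs are carried over unchanged as plain http://, so it is worth confirming they still resolve while the line is being touched.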

ProPolice

ProPolice is a stack smashing protector developed by IBM and based on StackGuard.

It is a patchset for gcc designed to protect compiled applications from attacks which manipulate the stack (i.e., buffer overruns).

ProPolice will add the following options to gcc:

    -fstack-protector        : Enable stack protection for functions which contain
                               character arrays.

    -fno-stack-protector     : Disable use of stack protection (ProPolice).

    -fstack-protector-all    : Enable stack protection for all functions.

    -fno-stack-protector-all : Disable stack protection for all functions.

The stack protection provided by ProPolice is specifically for the C and C++ languages.
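
The difference between -fstack-protector and -fstack-protector-all can be checked on the compiler's output. The script below is an added example, not part of the original page or of the ProPolice patch; it assumes `cc` is a current GCC or Clang, which accept these option names, and it uses two constructed sample functions.

```shell
#!/bin/sh
# Added example: show which functions receive a stack guard check
# under each option. Assumption: $CC (default: cc) is GCC or Clang.
CC=${CC:-cc}

# Constructed sample functions: one with a character array, one without.
SRC_ARRAY='void sink(char *);
void with_array(void) { char buf[64]; sink(buf); }'
SRC_PLAIN='int without_array(int a, int b) { return a + b; }'

# is_protected FLAG SOURCE
# Compiles SOURCE to assembly with FLAG and prints "yes" if the output
# references __stack_chk_fail, the handler called when the guard value
# next to the return address has been overwritten; prints "no" otherwise.
# Returns 2 if the compiler itself fails.
is_protected() {
    asm=$(printf '%s\n' "$2" | "$CC" -O0 "$1" -S -x c -o - -) || return 2
    case $asm in
        *__stack_chk_fail*) echo yes ;;
        *) echo no ;;
    esac
}

# Print one row per option for both sample functions.
report() {
    for flag in -fno-stack-protector -fstack-protector -fstack-protector-all
    do
        printf '%-24s with_array=%s without_array=%s\n' "$flag" \
            "$(is_protected "$flag" "$SRC_ARRAY")" \
            "$(is_protected "$flag" "$SRC_PLAIN")"
    done
}

report
```

The same check works on a real source file by replacing the sample strings, which makes it usable as a build-pipeline test that the intended option is actually in effect.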

ProPolice is currently used by OpenBSD, DragonFly BSD and IPCop. It is also optionally available in Gentoo Linux with the hardened USE flag.

See Also: