forked from mirrors/nixpkgs
3ba99f83a7
Enables previously manually disabled stackprotector and stackguard randomization. From https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=511811: If glibc is built with the --enable-stackguard-randomization option, each application gets a random canary value (at runtime) from /dev/urandom. If --enable-stackguard-randomization is absent, applications get a static canary value of "0xff0a0000". This is very unfortunate, because the attacker may be able to bypass the stack protection mechanism, by placing those 4 bytes in the canary word, before the actual canary check is performed (for example in memcpy-based buffer overflows). |
||
---|---|---|
.. | ||
arduino | ||
beam-modules | ||
bower-modules/generic | ||
compilers | ||
coq-modules | ||
dotnet-modules/patches | ||
eclipse | ||
em-modules/generic | ||
go-modules | ||
guile-modules | ||
haskell-modules | ||
idris-modules | ||
interpreters | ||
libraries | ||
lisp-modules | ||
lua-modules | ||
misc | ||
mobile | ||
node-packages | ||
ocaml-modules | ||
perl-modules | ||
pharo | ||
pure-modules | ||
python-modules | ||
qtcreator | ||
r-modules | ||
ruby-modules | ||
tools | ||
web |