3
0
Fork 0
forked from mirrors/nixpkgs
nixpkgs/pkgs/development/libraries/glibc
Franz Pletz 3ba99f83a7
glibc: enable stackprotection hardening
Enables previously manually disabled stackprotector and stackguard
randomization.

From https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=511811:

    If glibc is built with the --enable-stackguard-randomization option,
    each application gets a random canary value (at runtime) from /dev/urandom.
    If --enable-stackguard-randomization is absent, applications get a static
    canary value of "0xff0a0000". This is very unfortunate, because the
    attacker may be able to bypass the stack protection mechanism, by placing
    those 4 bytes in the canary word, before the actual canary check is
    performed (for example in memcpy-based buffer overflows).
2016-09-12 02:36:11 +02:00
..
common.nix glibc: enable stackprotection hardening 2016-09-12 02:36:11 +02:00
default.nix glibc: enable stackprotection hardening 2016-09-12 02:36:11 +02:00
dont-use-system-ld-so-cache.patch
dont-use-system-ld-so-preload.patch
fix_path_attribute_in_getconf.patch
glibc-crypt-blowfish.patch
glibc-remove-datetime-from-nscd.patch
info.nix Merge master into closure-size 2016-03-08 09:58:19 +01:00
locales-builder.sh
locales.nix Merge master into closure-size 2016-03-08 09:58:19 +01:00
multi.nix glibc_multi: Reference dev outputs of glibc 2016-08-30 15:18:51 +03:00
nix-locale-archive.patch
rpcgen-path.patch