Compier Question: Propolice with GNU GCC compiler...
tom
tmarinis99
Mon May 17 11:46:17 PDT 2004
Greets list...
I am curious, but anyone ever used Propolice for a firewall?
>From what I understand, IBM had a patch for REDHAT 6.0 when Propolice
was first created and coded by Etoh around 5 years ago. IBM's site
still has some info on the Propolice site.
http://www.trl.ibm.com/projects/security/ssp/
Propolice supposedly protects applications from a stack smash attacks
via the internet from buffer overflow.
I am wondering if any the linux users here have tried this out on a
firewall, and if the Propolice patch actually contributed to the
performance and security needs of the kernel with respect to
bufferoverflow attacks.
I've heard that currently GENTOO has this patch with its
distro, so I want to know;
- if the Propolice patch affects the kernel in any manner
( if you know ),
- if there are any gotcha's with the compiler, or with trying to
compile any programs or code with this patch,
[ programs to ignore, avoid, like mkisofs, popt, usernet,
xpilot; are there any others? kde? mozilla? iptables? netkit? ]
- or if you are running GENTOO as a firewall somewhere, I would
like to hear if there are good/bad things about it.
Basically, I would like an opinion about Propolice, if it is as
good as everyone writes about it.
[ I am considering getting this patch and incorporating Propolice
onto my workstation. I understand it is a major chore, having
to recompile almost all the sourcecode again, with the exception
of a few programs. Slack 9.0 would be the distro I'd be using...
However, it would improve my flaky knowledge with Linux and C :) ]
---tm---
Linux Registration Number; 184093,
http://counter.li.org
__________________________________________________________________
Try AOL and get 1045 hours FREE for 45 days!
http://free.aol.com/tryaolfree/index.adp?375380
Get AOL Instant Messenger 5.1 for FREE! Download Now!
http://aim.aol.com/aimnew/Aim/register.adp?promo=380455
More information about the Linux-users
mailing list