Groups
Sign in
Groups
HardenedBSD Users
Conversations
About
Send feedback
Help
HEADS UP: _FORTIFY_SOURCE=2 is the default in 15-CURRENT
12 views
Skip to first unread message
Shawn Webb
unread,
May 16, 2024, 5:16:31 PM
May 16
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to HardenedBSD Users
Hey all,
FreeBSD recently imported a port of NetBSD's _FORITY_SOURCE
implementation[1].
I've enabled it to be set to 2 by default on 15-CURRENT[2]. I've also
enabled it in ports[3].
If you experience issues, please let me know. There will likely be a
large number of ports to fix (and fixes are already coming in.)
[1]:
https://cgit.freebsd.org/src/commit/?id=be04fec42638f30f50b5b55fd8e3634c0fb89928
[2]:
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD/-/commit/927fd28755da27c5dd2b1b0d0396c93db585f933
[3]:
https://git.hardenedbsd.org/hardenedbsd/ports/-/commit/3d7dcd284ce3083103edd6b28b3d232abbfeaa63
For more information about _FORTIFY_SOURCE, please visit the following
links:
1.
https://developers.redhat.com/articles/2023/07/04/developers-guide-secure-coding-fortifysource#how_to_use_fortify_source
2.
https://www.gnu.org/software/libc/manual/html_node/Source-Fortification.html
3.
https://developers.redhat.com/blog/2020/02/11/toward-_fortify_source-parity-between-clang-and-gcc#first_glance
Thanks,
--
Shawn Webb
Cofounder / Security Engineer
HardenedBSD
Tor-ified Signal:
+1 303-901-1600
/ shawn_webb_opsec.50
https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc
signature.asc
Reply all
Reply to author
Forward
0 new messages