Does Fedora also patch gcc manual to reflect changes in defaults?
Announcement
Collapse
No announcement yet.
Fedora 31 Plans To Use GCC Security Hardening Flags By Default
Collapse
X
-
Originally posted by hreindl View Postand you dumb fuck are running complete different flags due development and then wonder why it in productiin behaves differently?
yeah, and because humans write always perfect code we have that much security updates for every peice of software day for day....
Guess what though? Those vulnerabilities do get fixed when discovered.
What's the point of fixing them at all if you let this stack protector shit still exist? It will do nothing but add an extra check that's useless because the stack is already checked and will STILL be checked no matter how innocent the function is or how fixed it is.
Note that this protects the stack, not the other vulnerabilities that are harder to track down. i.e. usually solves only code from trash developers.
Originally posted by hreindl View Postif you don't want security options use CFLAGS / CXXFLAGS moron
Comment
-
-
Originally posted by hreindl View Postno, you are saying that you believe your code is always error free while history proves that nothing bigger than "hello world" in doubt is and so there are protections for free and only very rare workloads where the introduce any relevant performance issue
Some vulnerabilities are written by newbies, other by trash programmers, and some even by skilled programmers. This doesn't mean a skilled programmer will write just any sort of vulnerability, even those that are usually written by newbies.
Look at this important part: that involve the stack. It has a purpose there.
Probably you think that hacking also happens by typing stuff fast at a screen full of numbers, because that's what you see in movies.Last edited by Weasel; 15 March 2019, 11:08 AM.
Comment
-
Originally posted by hreindl View Postgod damend mistakes happen, it's that easy
the point of hardening is to mitigate them
Originally posted by hreindl View Postonly idiots discuss about such things and google developers are for sure smarter than you
If you define smart by being unable to understand basic stuff or getting confused by it then ok, you have a point. In fact, Google actually write even more trash code than Microsoft and you know the meme about Microsoft's code. You'd know this if you actually looked through their open code, can only imagine what's in their closed code.
But what do you expect from a company hiring based on gender, ethnicity, race, etc... instead of actual skill?
Comment
Comment