A start

T_B T_B at sympatico.ca
Sun Jan 11 12:09:36 PST 2004


"Robert Connolly" <cendres at videotron.ca> wrote in message
news:200401062314.01289.cendres at videotron.ca...
> Thanks Jeroen. This might be realy helpfull :)
>
> http://wiki.linuxfromscratch.org/index.php?pagename=HLFS
>

I have completed an HLFS build trying to use these instructions and have the
following comments:

1) Chapter 5: binutils:  A note should be added here for those building an
HLFS from scratch, that
            the HJL version will require m4, bison and flex in order to
build successfully in Chapter 6.
            These packages are not built in chapter 5 for a standard LFS
system.

2) Testing Propolice: There is a typo here as the first compile of fail
needs -fno-stack-protector.
            I actually did 3 builds of fail.c with the following results:

                # ./fail1 /* Created with -fno-stack-protector */
                    before foo()
                    Segmentation fault

                # ./fail2 /* Created with -fstack-protector */
                    before foo()
                    fail2: stack smashing attack in function fooAborted

                # ./fail3 /* Created with -fstack-protector-all */
                    before foo()
                    fail3: stack smashing attack in function fooAborted

I also built my kernel with Crypto-Loop and Grsecurity-2.0.

Interestingly, when I tried to execute these tests with grsecurity
installed, all three were
trapped by the kerenl and aborted.  This would lead one to question the
value of building
every application with propolice, if grsecurity is intended to be added
anyway!

Bill





More information about the hlfs-dev mailing list