stability of fortify source

thorsten fly_b747 at gmx.de
Sat Jul 4 05:18:00 PDT 2009


Good day to everyone!

Within the last months i built a hardened system including PIE, stack
protector, bind now, grsec and fortify source including X and firefox. A
firefox compiled with fortify source crashes while stating up. compiling
firefox with fortify source disabled results in a firefox which crashes
at seemingly random times (ie. moving tabs, about:plugins ...). running
firefox within gdb shows crashes within system libs. unfortunately my
system does not have debugging symbols so the crashes are hard to track
down.

I begin to suspect fortify source as beeing the reason for these
instabilities. Within the next weeks I am going to build a system
without fortify source to investigate this further.

Has anybody an opinion regarding this?


Thorsten



More information about the hlfs-dev mailing list