Mailing List Archive: Disabling SSP for one package

Disabling SSP for one package

Dec 17, 2013, 5:44 AM

Post #1 of 3 (1438 views)

I'm hitting a nasty bug with SSP/PHP:

https://bugs.gentoo.org/show_bug.cgi?id=491100

Recompiling PHP with hardenednossp fixes the problem, but on this one
server we're recompiling PHP a lot (as we figure out which extensions
are needed to migrate a bunch of classic ASP sites).

Supposing I'm very forgetful, what's the best way to prevent myself from
rebuilding PHP with SSP? Copy the ebuild to an overlay and locally mask
newer versions?

Re: Disabling SSP for one package [ In reply to ]

alex_y_xu at yahoo

Dec 17, 2013, 5:57 AM

Post #2 of 3 (1377 views)

Permalink

On 17/12/13 08:44 AM, Michael Orlitzky wrote:
> I'm hitting a nasty bug with SSP/PHP:
>
> https://bugs.gentoo.org/show_bug.cgi?id=491100
>
> Recompiling PHP with hardenednossp fixes the problem, but on this one
> server we're recompiling PHP a lot (as we figure out which extensions
> are needed to migrate a bunch of classic ASP sites).
>
> Supposing I'm very forgetful, what's the best way to prevent myself from
> rebuilding PHP with SSP? Copy the ebuild to an overlay and locally mask
> newer versions?
>

Can't you do CFLAGS=-fno-stack-protector in p.env?

Re: Disabling SSP for one package [ In reply to ]

mjo at gentoo

Dec 17, 2013, 6:23 AM

Post #3 of 3 (1384 views)

Permalink

On 12/17/2013 08:57 AM, Alex Xu wrote:
>
> Can't you do CFLAGS=-fno-stack-protector in p.env?
>

Yep, thanks. I had to prepend $CFLAGS to it, i.e.,

CFLAGS="${CFLAGS} -fno-stack-protector"

but no crash after a recompile.

Mailing List Archive

Mailing List Archive

Attached Files: