There’s also -fstack-protector-all. And note that both clang and gcc support -fstack-protector* It’s important to keep in mind that stack cookies are generally not effective against today’s exploitation techniques. Use of the combination of ASLR, strong W^X (applying W^X both to memory map creation and memory protection attribute changes post-creation), and both forward-edge and backword-edge cross-DSO CFI provide much better exploit mitigation coverage than simple stack cookies.
Caveat for what I said above: it’s still worth it to apply stack cookies, since there’s not much of a perf hit. But, newer and stronger exploit mitigation techniques have joined the playing field and can complement stack cookies.
There’s also
-fstack-protector-all
. And note that both clang and gcc support-fstack-protector*
It’s important to keep in mind that stack cookies are generally not effective against today’s exploitation techniques. Use of the combination of ASLR, strong W^X (applying W^X both to memory map creation and memory protection attribute changes post-creation), and both forward-edge and backword-edge cross-DSO CFI provide much better exploit mitigation coverage than simple stack cookies.Is there a good overview of these that you can point to?
The HardenedBSD wiki is a good starting point: https://git-01.md.hardenedbsd.org/HardenedBSD/hardenedbsd/wiki
Caveat for what I said above: it’s still worth it to apply stack cookies, since there’s not much of a perf hit. But, newer and stronger exploit mitigation techniques have joined the playing field and can complement stack cookies.
This is great context. Just a thank you