Sam,
Unfortunately, we're not using the RH 7 gcc. We're using a home-grown
modification to gcc/egcs which builds binaries which are largely immune to
stack-smashing attacks (check out immunix.org if you're interested).
The "StackGuard" compiler changes to gcc have not yet been forward-ported
to the version of gcc which ships with RH 7. And, I have been
corrected by the research team here that glibc is roughly the
same as on RH 7, but that libgc++ is not.
It would be really cool if you were interested in helping out with
the compile issues, as we plan on using courier as the mail server
for all of our commercial products (at wirex.com, immunix.org's sister
web site).
Heck, if you're interested in moving to Portland, OR, USA, we would probably
be interested in hiring you. :)
John
On Wed, Nov 08, 2000 at 07:30:49PM -0500, Sam Varshavchik wrote:
On Wed, 8 Nov 2000, John Watson wrote:
Yes, well, when I say "sort-of RH7"...that "sort of" is very strong.
It's RH7 with the RH6.2 version of glibc, and the whole OS (outside
the kernel) has been compiled with a StackGuard compiler.
The courier I'm running was built on a 6.2 box, since the compiler
on the frankenbox has some bugs in it still. So, I was hoping
that the issue had been figured out, so I could see if it applied to
my non-standard configuration. :)
Although the oddball gcc in RH 7 is known to miscompile stuff, it is
apparently good enough to compile straight RH 7. I did have to change the
code somewhat, two months ago, because Courier did actually get
miscompiled by RH 7's gcc. That should not happen any more.
10 messages in net.sourceforge.lists.courier-usersRe: [courier-users] IMAP over SSL pro...
