[Python-Dev] OpenBSD anyone?
Guido van Rossum
guido at python.org
Wed Dec 24 12:47:22 EST 2003
> >Wow. Thanks for the analysis. But this is clearly a compiler bug.
> >Where do we report that? And why would it be unique to OpenBSD?
>
> Because the OpenBSD folks have their own code generator to improve the
> security of OpenBSD. They code gen to make it impossible/improbable
> to use a stack overflow attack. I found they fix the compiler quickly
> once you tell then on the OpenBSD dev list whats wrong with a recipe to
> reproduce.
Sigh. So much for security. :-(
> You may find that they will not fix for 3.3 as 3.4 is out and the
> tool chain moved from a.out to ELF in 3.4.
Double sigh. Strange approach to security.
--Guido van Rossum (home page: http://www.python.org/~guido/)
More information about the Python-Dev
mailing list