[Commotion-dev] Stack Smashing Protection on OpenWRT
L. Aaron Kaplan
aaron at lo-res.org
Fri Feb 7 20:29:07 UTC 2014
On Feb 7, 2014, at 5:26 PM, Andrew Reynolds <andrew at opentechinstitute.org> wrote:
> Hi all,
>
> Does anyone have experience with OpenWRT's stack smashing protection
> toolchain option? I've been trying to compile Commotion with SSP and
> haven't had any luck.
Yup! I regularly have the very same issue with that in the openwrt build system.
Seems like it is not very well tested by developers. But IMHO that should be highly used.
While talking about these security topics:
The other thing that I definitely recommend is to take a look at the random number generators and their useage in openwrt.
It might make sense to generate keys somewhere else and copy them to the embedded device (in case that it possible) or to at least wait for some time and collect network traffic and then generate new keys.
By default the entropy is very low.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 163 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.chambana.net/pipermail/commotion-dev/attachments/20140207/466e7eae/attachment.sig>
More information about the Commotion-dev
mailing list