From: | Ramesh Gowrishankar <gramesh(at)live(dot)com> |
---|---|
To: | "pgsql-novice(at)postgresql(dot)org" <pgsql-novice(at)postgresql(dot)org> |
Subject: | Compiler security flags while compiling postgres |
Date: | 2016-01-22 05:05:32 |
Message-ID: | CY1PR19MB01705F2A41C49F8642B1E2E7C4C40@CY1PR19MB0170.namprd19.prod.outlook.com |
Lists: | pgsql-novice |
Hello,
I wanted to get the perspective of the community on the need to compile with security flags that protect against buffer overflow. It does not appear that the installer for Windows was compiled with these options and I was wondering why.
I am thinking of a compiler flag like /GS (which is now enabled by default in the Microsoft compiler) https://msdn.microsoft.com/en-us/library/8dbf701c.aspx
/GS (Buffer Security Check) - msdn.microsoft.com: Detects some buffer overruns that overwrite a function's return address, exception handler address, or certain types of parameters. Causing a buffer overrun is a ...
The postgres binaries are getting flagged in security scans as not being compiled with the recommended secure compiler flags, and I am wondering if we need to go through the trouble of recompiling postgres just to add the security-related compiler flags.
Thanks
Ramesh