by Ashcrow
(Transferred from the wiki by Peter)

First off let me state that this can break programs from the start. Some programs compilied with stack protection will segfault or just croak on start (like BitchX). You've been warned.

IBM released an excellent GCC-2.95.x/3.2 patch for protecting the stack, making it much harder to gain access via overloading the stack which has been one of the most used exploits against OS's since the famous Phrack paper.

!!! NOTE: You'll want to install any other patches before installing IBM's patch !!!

Step One: Download the GCC-3.2 (or 2.95.x if you must) source code from the FSF (http://gcc.gnu.org/)

Step Two: Download the patch for your GCC version from http://www.trl.ibm.com/projects/security/ssp/

Step Three: unzip and untar both GCC and the patches in the current directory (Ex: tar xvzf gcc-3.2.tar.gz && tar xvzf protector-3.2-5.tar.gz)

Step Four: cd into the gcc-3.2/gcc directory and patch the source code (Ex: patch -p1 < ../../protector.dif && patch -p1 < ../../protectonly.dif)

Step Five: Copy the protector header and C-code to the gcc-3.2/gcc directory.

Step Six: Compile and install GCC as normal! Step Seven: add the following line to your shells execution script or profile:
Code:
export STACK_PROTECTOR=1
This will ensure that all code is, by default, protected.