Comment 4 for bug 413278

Kees Cook (kees) wrote :

This is a regression from Intrepid, yes. Upstream glibc changed how they constructed the random value, losing this protection from strcpy-style overflows. While I do not have any active examples of exploits that have read-access to stack memory and also a strcpy, I do feel the regression potential is low given that this patch does not change the locations of the stack protector, it just limits the first byte to 0.