ProPolice is a stack smashing protector developed by IBM and based on StackGuard.
It is a patchset for gcc designed to protect compiled applications from attacks which manipulate the stack (ie, buffer-overruns).
ProPolice will add the following options to gcc:
-fstack-protector : Enable stack protection for functions which contain character arrays. -fno-stack-protector : Disable use of stack protection (ProPolice). -fstack-protector-all : Enable stack protection for all functions. -fno-stack-protector-all : Disables stack protection for all functions.
The stack protection provided by ProPolice is specifically for the C and C++ languages.
ProPolice is currently used by OpenBSD, DragonFly BSD and IPCop. It is also optionally available in Gentoo Linux with the hardened USE flag.
IBM's Page: http://www.research.ibm.com/trl/projects/security/ssp/
Hardened Gentoo: http://www.gentoo.org/proj/en/hardened/
WikiPedia Page: http://en.wikipedia.org/wiki/ProPolice