This is a library, which contains a safe reincarnations of strcpy/strcat/sprintf and some other functions, which is known to be a source to 99% of stack smashing attacks since Morrison Worm. Basic idea is: these functions never return in case of modified stack frames. Instead, they kills current process with SIG_SEGV, and, in case when program just ignores it - calls exit(2). In 'paranoidal' point of view, termination of a process is a much less worth, than possible incorrect continuation. This library can be used in two ways - you can just install it as a port/package, and then relink critical applications (such as a network daemons) with -lparanoia -L/usr/local/lib, or you can override standard functions in libc (using libparanoia/copy-to-libc shell script) - in this case you'll get any application, which uses shared libc, automatically protected. WWW: http://www.lexa.ru/snar/libparanoia/