[PATCH] Security hardening compiler and linker flags

Marco d'Itri md at Linux.IT
Fri Feb 27 11:55:08 CET 2015


On Feb 27, David Jorm <djorm at corp.iixpeering.net> wrote:

> The attached patch adds security hardening compiler and linker flags. These
> flags are only applied if --enable-secflags is on, and I've made
> --enable-secflags on by default. I totally understand if the maintainers may
> prefer for it to be off by default, at least initially.
The warnings are OK, but while the hardening options actually match what 
Debian uses, distributions tipically want to explicitly set them 
themselves using the defaults of their own build infrastructure (because 
in the future they may want to do mass rebuilds with different flags).

-- 
ciao,
Marco
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 648 bytes
Desc: not available
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20150227/fc8af14a/attachment.asc>


More information about the Bird-users mailing list