
Bug#796562: lintian: Please identify lack of sanitation compiler/linker flags



intrigeri:
> Hi Chris,
> 
> Chris Lamb:
>>> lintian: Please identify lack of sanitation compiler/linker flags
> 
>> Is this not covered by the following tags?
> 
>>   hardening-no-bindnow
>>   hardening-no-fortify-functions
>>   hardening-no-pie
>>   hardening-no-relro
> 
> Nope: this bug report is about another debugging/hardening option
> (ASan and friends).
> 
>> (etc.)
> 
> Maybe :)
> 
> Cheers,
> 

Hi,

Having read http://www.openwall.com/lists/oss-security/2016/02/17/9
which Jakub Wilk linked to, I do not think the sanitizers in their
current form are ready for arbitrary cases.

If we could have most of the advantages of these sanitizers without
introducing trivial "local-user-to-root-via-setuid" exploits and some of
the other issues, then I would personally be much more supportive of this.

Thanks,
~Niels

