Bug#796562: lintian: Please identify lack of sanitation compiler/linker flags
intrigeri:
> Hi Chris,
>
> Chris Lamb:
>>> lintian: Please identify lack of sanitation compiler/linker flags
>
>> Is this not covered by the following tags?
>
>> hardening-no-bindnow
>> hardening-no-fortify-functions
>> hardening-no-pie
>> hardening-no-relro
>
> Nope: this bug report is about another debugging/hardening option
> (ASan and friends).
>
>> (etc.)
>
> Maybe :)
>
> Cheers,
>
Hi,

Having read http://www.openwall.com/lists/oss-security/2016/02/17/9
which Jakub Wilk linked to, I do not think the sanitizers in their
current form are ready for arbitrary cases.

If we could have most of the advantages of these sanitizers without
introducing trivial "local-user-to-root-via-setuid" exploits and some of
the other issues, then I would personally be much more supportive of this.

Thanks,
~Niels