Re: [RFC] Enabling bindnow by default in dpkg-buildflags?

To: debian-devel@lists.debian.org
Subject: Re: [RFC] Enabling bindnow by default in dpkg-buildflags?
From: Paul Wise <pabs@debian.org>
Date: Fri, 25 Nov 2016 11:36:00 +0800
Message-id: <[🔎] CAKTje6H4zyi4d5qT0eEWvTnnWyZ3no4Ti9AaSr5fesS8XEABrg@mail.gmail.com>
In-reply-to: <[🔎] 20161123092425.34wpcxyutxitakpt@perpetual.pseudorandom.co.uk>
References: <[🔎] 20161123013024.idv6doigkbw3owhk@gaara.hadrons.org> <[🔎] 20161123092425.34wpcxyutxitakpt@perpetual.pseudorandom.co.uk>

On Wed, Nov 23, 2016 at 5:24 PM, Simon McVittie wrote:

> (I'm not entirely sure why we consider hardening packaged code to be so
> much more important than hardening the locally-built code compiled by
> our users, which changed compiler defaults like those in Ubuntu
> would also give us.)

IIRC, the Debian gcc maintainer (also the Ubuntu gcc maintainer)
vetoed enabling hardening in the Debian gcc package. Not sure why that
was fine for Ubuntu but not Debian though.

Personally I would like to see GCC upstream enabling the hardening
flags by default.

-- 
bye,
pabs

https://wiki.debian.org/PaulWise

Reply to:

References:
- [RFC] Enabling bindnow by default in dpkg-buildflags?
  - From: Guillem Jover <guillem@debian.org>
- Re: [RFC] Enabling bindnow by default in dpkg-buildflags?
  - From: Simon McVittie <smcv@debian.org>

Prev by Date: Re: OpenSSL 1.1.0
Next by Date: Bug#845602: ITP: node-charm -- ansi control sequences for terminal cursor hopping and colors
Previous by thread: Re: [RFC] Enabling bindnow by default in dpkg-buildflags?
Next by thread: Re: [RFC] Enabling bindnow by default in dpkg-buildflags?
Index(es):
- Date
- Thread