Re: Bug#552688: Please decide how Debian should enable hardening build flags


Raphael Hertzog wrote:

> We have dpkg-buildflags available but few packages are using it and it's
> unlikely they will be all converted in the wheezy timeframe.

I agree with the precise meaning of this statement, but the spirit seems
quite wrong.  For the packages I am involved in (not many), I have
deliberately not used dpkg-buildflags to make backporting easier.
It is a new facility but a very good one, and I suspect that it will
be adopted fairly quickly, especially if someone writes the appropriate
patches to debian/rules (or even better, writes a program maintainers
can use to automate this).

Also, I am not the GCC maintainer, but from experience of receiving
reports from people building software with Ubuntu, I think changing
the defaults in GCC is quite wrong.

Just my two cents.

