Bug#552688: Please decide how Debian should enable hardening build flags

To: 552688@bugs.debian.org, debian-dpkg@lists.debian.org, kees@debian.org
Subject: Bug#552688: Please decide how Debian should enable hardening build flags
From: Russ Allbery <rra@debian.org>
Date: Sun, 18 Mar 2012 21:16:41 -0700
Message-id: <[🔎] 87r4wpp6mu.fsf@windlord.stanford.edu>
Mail-followup-to: debian-ctte@lists.debian.org
Reply-to: Russ Allbery <rra@debian.org>, 552688@bugs.debian.org

I believe at this point the dpkg-buildflags solution has proven reasonably
successful and is being widely deployed.  I think we should confirm that
the TC agrees with that approach and close out this bug.

I therefore propose the following ballot:

A. The Technical Committee agrees with the dpkg-buildflags approach
   currently in use to enable hardening flags.

B. Further discussion.

I think the remaining open question is whether there is a desire to list
overriding the GCC maintainer and patching GCC to enable the flags for all
compilation on the ballot.  My guess is that there is not; if anyone
disagrees, please speak up and I'll draft a revised ballot including that
option.

If there is no other feedback, I plan to call for a vote on the above
ballot in a few days.

-- 
Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>

Reply to:

Prev by Date: Re: Bug#636783: proposed constitution fix for super-majority within the tech ctte
Next by Date: Bug#640874: leave: debian/rules is not a Makefile
Previous by thread: Bug#636783: proposed constitution fix for super-majority within the tech ctte
Next by thread: Bug#640874: leave: debian/rules is not a Makefile
Index(es):
- Date
- Thread