[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Hardening build flags release goal

On Mon, 5 Sep 2011 19:42:30 +0200 Moritz Mühlenhoff wrote:

> Raphael Hertzog <hertzog@debian.org> schrieb:
> > Hello,
> >
> > we're not very far from having hardening build flags set by default by
> > dpkg-buildflags (waiting on some documentation update that Kees should
> > take care of).
> Thanks!
> > I would like to find one or two persons to lead a new release goal
> > centered around hardening. The big goal is to have the maximum number of
> > packages using hardening by the time Wheezy is released but it could
> > include more specific sub-goals like "all packages with priority >=
> > standard should use dpkg-buildflags properly" or "all packages providing a
> > daemon should use dpkg-buildflags properly".
> >
> > It's up to whoever does the work to define their methodology of work but
> > it's probably interesting to write some script to detect whether a package
> > is using dpkg-buildflags. Rebuilding packages with a custom
> > dpkg-buildflags configuration that adds a fake flag and analyzing the
> > build logs has been suggested (see #628516).
> >
> > If you're interested, just respond and start creating the release goal
> > wiki page:
> > http://wiki.debian.org/ReleaseGoals
> I'm in, but it'll take a few days until I'll be able to work on the wiki
> page. 
> I'm thinking of something along the lines of
> "all pkgs with priority >= standard" and "all pkgs which had a DSA in the last
> five years" as specific, important sub goals.

I'm not a DD (just lowly DM) so I can't be an advocate, but I'm interested
and willing to help with this.

Best wishes,

Reply to: