[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Hardening build flags release goal

On Mon, Sep 05, 2011 at 09:34:37PM +0200, Raphael Hertzog wrote:
> On Mon, 05 Sep 2011, Julien BLACHE wrote:
> > Cyril Brulebois <kibi@debian.org> wrote:
> > > Do we have a proper definition, and sample implementation(s) for “using
> > > dpkg-buildflags properly”? On the top of my hat, it looks like semantics
> > > and recommendations changed a bit over the years, so I kind of lost
> > > count.
> > 
> > On top of that, what's the story with regard to non-gcc compilers?
> 
> No idea, I have only integrated the work others have done in dpkg. I
> have not studied how other compilers support the hardening compilation
> flags.
> 
> What are the compilers you're thinking of?

I'm curious to see what it would take to enable the same features in llvm.
It's an area I've not looked at in any way. It might be cool to have
something familiar with llvm (or other C compilers in use) update
http://wiki.debian.org/Hardening
with the command line arguments needs to enable each feature too.

-Kees

-- 
Kees Cook                                            @debian.org
Reply to: