Am 29.02.2012 22:52, schrieb Moritz Muehlenhoff: > The most important reason for dpkg-buildflags is [1.] : > One of the Wheezy release goals is to build as many packages as > possible with a hardened toolchain by means of dpkg-buildflags: > http://wiki.debian.org/ReleaseGoals/SecurityHardeningBuildFlags > > I've written conversion documentation in the Debian Wiki to provide > central step-by-step documentation: > http://wiki.debian.org/HardeningWalkthrough I fully support the hardening goal. May it be an option to add lintian errors (also non-fatal errors on ftp-master side) about missing-hardening-build in the future? It may be too late for Wheezy to force packages to build with hardened build flags, but we should start with it as soon as possible IMHO. -- /* Mit freundlichem Gruß / With kind regards, Patrick Matthäi GNU/Linux Debian Developer E-Mail: pmatthaei@debian.org patrick@linux-dev.org */
Attachment:
signature.asc
Description: OpenPGP digital signature