Re: Enabling hardened build flags for Wheezy

To: debian-devel@lists.debian.org
Subject: Re: Enabling hardened build flags for Wheezy
From: Fernando Lemos <fernandotcl@gmail.com>
Date: Wed, 29 Feb 2012 21:28:32 -0300
Message-id: <[🔎] CANVYNa8Lr-FniudT6htrWMGArUfhO9V5f_tc4LST8S8=EaioWg@mail.gmail.com>
In-reply-to: <[🔎] CAKTje6ERGZPx0xztJO2fa4+w0MOM3BGv4vHTkTGdDHJFcxXCkA@mail.gmail.com>
References: <20120229215210.GA4774@pisco.westfalen.local> <[🔎] CAKTje6ERGZPx0xztJO2fa4+w0MOM3BGv4vHTkTGdDHJFcxXCkA@mail.gmail.com>

Hi,

On Wed, Feb 29, 2012 at 9:23 PM, Paul Wise <pabs@debian.org> wrote:
> Personally I think this is completely the wrong approach to take for
> compiler hardening flags. The flags should be enabled by default in
> upstream GCC and disabled by upstream software where they result in
> problems. The compiler hardening flags have been tested over N years
> by RHEL, Fedora, Ubuntu, Gentoo and probably others. The approach
> Debian is taking (as opposed to Red Hat, Fedora, Ubuntu etc) means
> that software compiled outside of the packaging system will not
> benefit from the compiler's hardening flags. Doing it in this way also
> violates our social contract.

Not sure it's a good idea to reignite this, specially this late into
the Wheezy development cycle (and specially in debian-devel). This has
already been discussed in detail:

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=552688

Regards,

Reply to:

References:
- Re: Enabling hardened build flags for Wheezy
  - From: Paul Wise <pabs@debian.org>

Prev by Date: Re: Enabling hardened build flags for Wheezy
Next by Date: Re: Enabling hardened build flags for Wheezy
Previous by thread: Re: Enabling hardened build flags for Wheezy
Next by thread: Re: Enabling hardened build flags for Wheezy
Index(es):
- Date
- Thread