[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Please decide how Debian should enable hardening build flags



On Sat, 20 Nov 2010, Raphael Hertzog wrote:
> I think none of the discussions up to now have resulted in a
> consensus among all the parties. Most people are in favor of
> changing the defaults in GCC, except the gcc maintainer.

There are a couple of things here that should be worked out first
before the CTTE can make a decision:

1) Has gcc's upstream been approached about including this patch? What
was their response?

2) Has the archive been successfully rebuilt with the proposed patch?

3) Since Matthias has indicated that he doesn't have the resources to
steward this patch in Debian, who is going to work on maintaining it
if upstream isn't interested in the patch and the CTTE decides to
override Matthias?

Alternatives to patching gcc include making dpkg-buildflags more
prevalent, a wrapper that we require to install on buildds (coupled
with throwing away binary builds), or some combination of the above.


Don Armstrong

-- 
I really wanted to talk to her.
I just couldn't find an algorithm that fit.
 -- Peter Watts _Blindsight_ p294

http://www.donarmstrong.com              http://rzlab.ucr.edu


Reply to: