Re: Bug#552688: Please decide how Debian should enable hardening build flags
On Fri, 21 Jan 2011, Kees Cook wrote:
> This is likely the core of the disagreement: how to apply the flags.
> I have a strong opinion about this because my perspective is
> security-oriented. I think all compiles should be hardened; default
> to being secure, and whitelist that which needs things disabled.
> Same policy applies to firewalls, etc. As before, I stand by my
> original email that started this thread:
> http://lists.debian.org/debian-gcc/2009/10/msg00186.html
1) Can a complete patch to enable hardening by default include
specific documentation on how to disable it? [Can this "return to a
default compiler" be made simpler than switching the three or four
options currently used?]
2) The current state of the patch doesn't properly document that the
flag is on by default; if the patch is enabled, it should say so in
the documentation, not referencing a version of Ubuntu.
3) Who is willing to do a complete rebuild with the patch enabled and
handle filing any bugs (with appropriate patches, ideally) that turn
up? [On how many architectures?]
4) What solution would you enact if the CTTE were to have hardening be
on by default for all Debian packages, but disabled by default for the
compiler as shipped?
Matthias: if #3 were to be done, and some mechanism of either doing #4
or #1 were required, what additional objections (if any) would you
have?
Don Armstrong
--
Let me bring you up to speed:
We know nothing.
You are now up to speed.
-- Steve Martin as Inspector Clouseau in _The Pink Panther 2_ (2009)
http://www.donarmstrong.com http://rzlab.ucr.edu
Reply to: