Re: relro
On Sat, Jul 20, 2013 at 15:01:28 +0200, Louis Bettens wrote:
> Le 20. 07. 13 12:07, Daniel Silverstone a écrit :
> >Would it not make sense at that point to simply patch ghc to always add the
> >flag to the link (unless told not to) ?
> Umm... I am not sure. This would mean changing the default behavior
> of ghc, which is intrusive. This doesn't seem a good move to me.
I'm not saying it's necessarily a good move, just raising it as an option.
> (Please contradict me) Would you do that to gcc?
Debian already did mess with gcc -- remember the --as-needed debacle? (which
mucks up loadable module linking massively)
> But perhaps I have already gone too far with my patching dyre idea.
> Let's look closer at the reasoning. the starting point is that
> Debian wants to ship only relro'd executables in its packages. Now,
> I point out that the executables shipped by xmonad, yi, taffybar and
> so on are just stubs to boot another binary, therefore if we want to
> protect these applications by default, we should care about the
> other binaries.
xmonad and taffybar are both default functional programs without *needing* to
be recompiled.
D.
--
Daniel Silverstone http://www.digital-scurf.org/
PGP mail accepted and encouraged. Key Id: 3CCE BABE 206C 3B69
Reply to:
- Follow-Ups:
- Re: relro
- From: Louis Bettens <louis@bettens.info>
- References:
- relro
- From: Louis Bettens <louis@bettens.info>
- Re: relro
- From: Daniel Silverstone <dsilvers@digital-scurf.org>
- Re: relro
- From: Louis Bettens <louis@bettens.info>