Le 20. 07. 13 12:07, Daniel Silverstone a écrit :
Would it not make sense at that point to simply patch ghc to always add the flag to the link (unless told not to) ?
Umm... I am not sure. This would mean changing the default behavior of ghc, which is intrusive. This doesn't seem a good move to me. (Please contradict me) Would you do that to gcc?
But perhaps I have already gone too far with my patching dyre idea. Let's look closer at the reasoning. the starting point is that Debian wants to ship only relro'd executables in its packages. Now, I point out that the executables shipped by xmonad, yi, taffybar and so on are just stubs to boot another binary, therefore if we want to protect these applications by default, we should care about the other binaries.
Is this fair? Should we provide a way to disable Debian $LDFLAGS from the configuration file?
Please debate, Louis