Quoting Dirk Hünniger (2014-08-31 10:55:22) > I get the hardening no relro warning. > https://lintian.debian.org/tags/hardening-no-relro.html > I think I just forget to set some compiler flags, but I don't know which > ones. And somehow these flag don't seem to be needed on ubuntu. So > possibly you could make the default somehow. The command dpkg-buildflags lists the various flags (notice relro is in LDFLAGS, not CFLAGS): jonas@bastian:~$ dpkg-buildflags CFLAGS=-g -O2 -fstack-protector-strong -Wformat -Werror=format-security CPPFLAGS=-D_FORTIFY_SOURCE=2 CXXFLAGS=-g -O2 -fstack-protector-strong -Wformat -Werror=format-security FCFLAGS=-g -O2 -fstack-protector-strong FFLAGS=-g -O2 -fstack-protector-strong GCJFLAGS=-g -O2 -fstack-protector-strong LDFLAGS=-Wl,-z,relro OBJCFLAGS=-g -O2 -fstack-protector-strong -Wformat -Werror=format-security OBJCXXFLAGS=-g -O2 -fstack-protector-strong -Wformat -Werror=format-security Ubuntu dictates centrally far more than Debian (I believe that was one of the original ideas with the distro by Mark Shuttleworth) and concretely hardcodes more aggressively such flags. - Jonas -- * Jonas Smedegaard - idealist & Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ [x] quote me freely [ ] ask before reusing [ ] keep private
Attachment:
signature.asc
Description: signature