Bug#709415: lintian: false positive for hardening-no-fortify-functions
Niels Thykier <niels@thykier.net> writes:
> Assuming you were using 2.5.11 for test, you may want to retry with
> 2.5.12. The latter did another false-positive -> false-negative
> trade-off (memset and memmove).
Looks like that won't help for libkopenafs1:
% hardening-check --verbose /usr/lib/libkopenafs.so.1
/usr/lib/libkopenafs.so.1:
Position Independent Executable: no, regular shared library (ignored)
Stack protected: no, not found!
Fortify Source functions: no, only unprotected functions found!
unprotected: getgroups
Read-only relocations: yes
Immediate binding: yes
That's the one built with hardening-wrappers installed.
Also looks like that's not the issue for xml-security-c-utils:
% hardening-check --verbose xmlsec-xklient
xmlsec-xklient:
Position Independent Executable: yes
Stack protected: yes
Fortify Source functions: no, only unprotected functions found!
unprotected: fread
Read-only relocations: yes
Immediate binding: yes
(Thanks for the note about --verbose!)
--
Russ Allbery (rra@debian.org) <http://www.eyrie.org/~eagle/>
Reply to: