Bug#917094: lintian: systemd-service-file-missing-hardening-features doesn't actually help
tags 917094 + moreinfo
thanks
Scott Kitterman wrote:
> Is lintian really an advertising medium for various package features?
Come now, that's an unfortunately combative way of phrasing this. I
would agree if Lintian was suggesting a feature that was unrelated to
security and, perhaps, if it was arduous to implement.
However we are surely not really providing an "advertising" platform
for GCC's own hardening features when binaries are missing those,
something that is often rather complicated to achieve if upstream's
build system is uncooperative.
> I think this check should either be updated into some more specific checks for
> specific conditions where packages can make use of some of these features
I don't necessarily disagree, but do you have any specific conditions
in mind at this stage?
Please do note that the experimental nature of this tag is precisely
so we can iron-out problems; requesting its almost-immediate removal
upon seeing potential false-positives when it is clearly marked as
such seems premature and suboptimal at this stage.
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` lamby@debian.org / chris-lamb.co.uk
`-
Reply to: