Am 21.05.2012 18:33, schrieb Daniel Pocock: > On 21/05/12 16:22, Arno Töll wrote: >> On 21.05.2012 17:02, Daniel Pocock wrote: >>> After building, I check the binaries, it seems to think they were >>> hardened, but some intermittent issues with `Fortify Source functions' >>> and lintian (on mentors) complains >> >> The hardening-check tool (which is used by Lintian, too) is known to >> emit false positives. See #673112 for an up to date discussion for that >> problem. >> > > > Do I need to use a lintian-override in this case, or should I just > ignore the warnings? > > I would prefer not to include an override in the package as someone > might forget to take them out later whenever hardening-check is more > definite > > I am building my packages with hardening-wrapper since a longer time and they are hardened, but yeah with the new lintian version there are *too much* false positives about hardening-no-stackprotector and hardening-no-fortify-functions. Adding 100k lintian overwrites (about the whole archive) wouldn't be an option, I do not know if hardening-check could be improved , if not both checks may be disabled in lintian. In my case I will ignore them from now on. -- /* Mit freundlichem Gruß / With kind regards, Patrick Matthäi GNU/Linux Debian Developer E-Mail: pmatthaei@debian.org patrick@linux-dev.org */
Attachment:
signature.asc
Description: OpenPGP digital signature