Re: dh: default cmake options overridden
Ubuntu has some of its security flags enabled by default in the compiler
itself, so explicit hardening CFLAGS are unnecessary (but harmless):
https://wiki.ubuntu.com/Security/Features
To check that this has worked, you can use
https://wiki.debian.org/Hardening#Validation
However, that's the case in both 12.04 and 14.04, and dpkg-buildflags
still includes them:
trusty$ dpkg-buildflags
CFLAGS=-g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat
-Werror=format-security
CPPFLAGS=-D_FORTIFY_SOURCE=2
CXXFLAGS=-g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat
-Werror=format-security
FFLAGS=-g -O2 -fstack-protector --param=ssp-buffer-size=4
GCJFLAGS=-g -O2 -fstack-protector --param=ssp-buffer-size=4
LDFLAGS=-Wl,-Bsymbolic-functions -Wl,-z,relro
Reply to: