hardening Issue

To: debian-mentors@lists.debian.org
Subject: hardening Issue
From: Paulo <kretcheu@gmail.com>
Date: Wed, 27 Jul 2016 11:20:33 -0300
Message-id: <[🔎] e5338aba-76c5-cebb-f00d-7a63b517d7a1@gmail.com>

Hi Mentors,

I'm adopting package lostirc with problems to solve hardening issue.

The package builds ok but with lintian:
I: lostirc: hardening-no-fortify-functions usr/bin/lostirc

blhc --all ../lostirc_0.4.6-5_amd64.build 
Returns nothing but 

hardening-check -v debian/lostirc/usr/bin/lostirc 
debian/lostirc/usr/bin/lostirc:
 Position Independent Executable: yes
 Stack protected: yes
 Fortify Source functions: no, only unprotected functions found!
	unprotected: memmove
	unprotected: read
	unprotected: memcpy
	unprotected: gethostname
	unprotected: recv
 Read-only relocations: yes
 Immediate binding: yes

I verified build log and I found flag: -D_FORTIFY_SOURCE=2 at all cpp compile lines.
I uploaded to mentors.

https://mentors.debian.net/debian/pool/main/l/lostirc/lostirc_0.4.6-5.dsc

Can you help me?

Thanks
[]'s
kretcheu
:x

Attachment: signature.asc
Description: OpenPGP digital signature

Reply to:

Follow-Ups:
- Re: hardening Issue
  - From: Dmitry Bogatov <KAction@gnu.org>
- Re: hardening Issue
  - From: Andrey Rahmatullin <wrar@debian.org>

Prev by Date: Bug#832585: RFS: gammaray/2.5.0-1 [RC] -- Tool for examining the internals of Qt application
Next by Date: Bug#830417: marked as done (RFS: django-setuptest/0.2.1-1 [ITP])
Previous by thread: Bug#832585: marked as done (RFS: gammaray/2.5.0-1 [RC] -- Tool for examining the internals of Qt application)
Next by thread: Re: hardening Issue
Index(es):
- Date
- Thread