[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Building perl and XS modules with hardening flags

On Fri, May 13, 2011 at 6:05 PM, Ansgar Burchardt <ansgar@debian.org> wrote:
> I was wondering if it would make sense to build perl with hardening
> flags.  This would it make harder to use bugs in the interpreter or the
> XS modules to compromise a system.  It looks like Ubuntu already does
> this by default for all packages[1], so breakage should be limited.

I am very much for this change, particularly since Ubuntu happens to
be using this to great effect. As long as we are cautious and make
sure everything builds/tests pass with the new configuration, then I
don't think there should be any reason why we don't do this.

> If deemed useful, we could try enabling them in perl 5.14 as I assume
> this will get some more testing in experimental.

Sounds like you have this plan all figured out :)



Reply to: