Re: PIE + bindnow for Stretch?(Re: Time to reevaluate the cost of -fPIC?)
- To: debian-devel@lists.debian.org
- Cc: debian-policy@lists.debian.org
- Subject: Re: PIE + bindnow for Stretch?(Re: Time to reevaluate the cost of -fPIC?)
- From: Sam Hartman <hartmans@debian.org>
- Date: Sun, 03 Jul 2016 18:11:42 -0400
- Message-id: <tsl4m86pe1t.fsf@mit.edu>
- In-reply-to: <20160518001316.GB28133@gaara.hadrons.org> (Guillem Jover's message of "Wed, 18 May 2016 02:13:16 +0200")
- References: <CAK0Odpw3LjhZdAqOBvo91Vv5O4DzpzR23_zHxLYdux5OvNGRXw@mail.gmail.com> <5738C4C2.6020907@thykier.net> <CAK0Odpz148VAtR4mSh3gWUmnjnGToaAJbeDWfa7NmZBBO0O_1Q@mail.gmail.com> <20160518001316.GB28133@gaara.hadrons.org>
>>>>> "Guillem" == Guillem Jover <guillem@debian.org> writes:
>> I agree that it would be the easier way and I also tried building
>> packages with patched GCC 5 setting PIE as default with success,
>> but we have a CTTE decision which says that we should set
>> hardening flags through dpkg:
>> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=552688
Guillem> Meh, I'm not going to bother reading that bug report, but
Guillem> if that's what the decision really says, then that decision
Guillem> is just bogus…
So, first, the TC didn't actually make a formal decision. The gcc
maintainer didn't like changing the compiler defaults; dpkg-buildflags
had gotten enough traction that it seemed to be a sufficient solution,
so the bug was closed with a specific note that any interested party
could reopen.
However, I think there are several factors that are different in this
situation:
* A big concern was introducing new warnings in environments where
-Werror was in use. That is something we sadly have a fair bit of
experience fixing (-Wuninitialized springs to mind) since the time of
that bug, and that seems not to apply to PIE.
* More concerns about cases where the behavior would be wrong than seem
to apply here.
Regardless of where you make the change you'll break some packages.
That happens though; both gcc and dpkg-dev have gotten more strict about
various behaviors in ways that break packages within recent memory.
So, I think there's some good reading in the TC bug about the pros and
cons of various approaches, but not all of it applies, and there is a
bit of flame to wade through mixed in with some generally well-thought
discussion.
That bug definitely should not be considered binding in general, but
definitely not in this environment.
--Sam
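Whichever layer sets the flags (a patched gcc default or dpkg-buildflags), the observable outcome is the same: the linked binary is ET_DYN and its dynamic section asks the loader for immediate binding. The following script, an added example that is not part of the mailing-list thread, checks both properties by parsing the ELF header and the PT_DYNAMIC segment directly, so it needs neither readelf nor dpkg. It assumes little-endian ELF64 (amd64-style) input; the sample binaries it builds are constructed in-line purely to exercise the check, and the hypothetical helper names (parse_dynamic, hardening_status, build_sample_elf) are my own.

```python
"""Check whether an ELF64 file is PIE (ET_DYN) and linked with BIND_NOW.

Added example, not from the debian-devel thread. Assumes little-endian
ELF64 and only examines the two flags under discussion (PIE, bindnow).
"""
import struct
import sys

ELF_MAGIC = b"\x7fELF"
ET_EXEC, ET_DYN = 2, 3
PT_DYNAMIC = 2
DT_NULL, DT_FLAGS, DT_FLAGS_1 = 0, 30, 0x6FFFFFFB
DF_BIND_NOW = 0x8          # DT_FLAGS bit set by older toolchains for -z now
DF_1_NOW = 0x1             # DT_FLAGS_1 bit set by -z now on current ld
DF_1_PIE = 0x08000000      # DT_FLAGS_1 bit newer linkers set for PIE executables

EHDR = struct.Struct("<16sHHIQQQIHHHHHH")  # 64-byte ELF64 header
PHDR = struct.Struct("<IIQQQQQQ")          # 56-byte program header
DYN = struct.Struct("<qQ")                 # 16-byte dynamic entry (d_tag, d_val)


def parse_dynamic(data):
    """Return {d_tag: d_val} from the PT_DYNAMIC segment ({} if none)."""
    fields = EHDR.unpack_from(data, 0)
    e_phoff, e_phentsize, e_phnum = fields[5], fields[9], fields[10]
    tags = {}
    for i in range(e_phnum):
        p_type, _, p_offset, _, _, p_filesz, *_ = PHDR.unpack_from(
            data, e_phoff + i * e_phentsize)
        if p_type != PT_DYNAMIC:
            continue
        # Walk entries until DT_NULL or the end of the segment.
        for off in range(p_offset, p_offset + p_filesz, DYN.size):
            d_tag, d_val = DYN.unpack_from(data, off)
            if d_tag == DT_NULL:
                break
            tags[d_tag] = d_val
    return tags


def hardening_status(data):
    """Return {'pie': bool, 'bindnow': bool} for a little-endian ELF64 blob."""
    ident = data[:16]
    if ident[:4] != ELF_MAGIC or ident[4] != 2 or ident[5] != 1:
        raise ValueError("not a little-endian ELF64 file")
    e_type = EHDR.unpack_from(data, 0)[1]
    dyn = parse_dynamic(data)
    # Caveat: a shared library is ET_DYN too; DF_1_PIE (when the linker
    # set it) is the only in-file way to tell a PIE executable apart.
    pie = e_type == ET_DYN
    bindnow = bool(dyn.get(DT_FLAGS, 0) & DF_BIND_NOW) or \
        bool(dyn.get(DT_FLAGS_1, 0) & DF_1_NOW)
    return {"pie": pie, "bindnow": bindnow}


def build_sample_elf(e_type, dyn_tags):
    """Construct a minimal ELF64 blob (header + one PT_DYNAMIC segment).

    This is a constructed test fixture, not a loadable program.
    """
    entries = b"".join(DYN.pack(t, v) for t, v in dyn_tags) + DYN.pack(DT_NULL, 0)
    phoff = EHDR.size
    dynoff = phoff + PHDR.size
    ident = ELF_MAGIC + bytes([2, 1, 1]) + bytes(9)  # ELFCLASS64, LE, v1
    ehdr = EHDR.pack(ident, e_type, 62, 1, 0, phoff, 0, 0,
                     EHDR.size, PHDR.size, 1, 0, 0, 0)
    phdr = PHDR.pack(PT_DYNAMIC, 6, dynoff, 0, 0, len(entries), len(entries), 8)
    return ehdr + phdr + entries


if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            print(hardening_status(fh.read()))
    else:
        print("hardened:", hardening_status(
            build_sample_elf(ET_DYN, [(DT_FLAGS_1, DF_1_NOW | DF_1_PIE)])))
        print("legacy  :", hardening_status(build_sample_elf(ET_EXEC, [])))
```

Run it with a path to inspect a real binary, or with no arguments to see the two constructed fixtures classified. Note that without a PT_DYNAMIC segment (a fully static executable) both answers are simply "no", which is the right reading for a bindnow check but says nothing about whether the build was attempted with -fPIE.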