Re: PIE + bindnow for Stretch?(Re: Time to reevaluate the cost of -fPIC?)

To: debian developers <debian-devel@lists.debian.org>, debian-policy@lists.debian.org
Subject: Re: PIE + bindnow for Stretch?(Re: Time to reevaluate the cost of -fPIC?)
From: Bálint Réczey <balint@balintreczey.hu>
Date: Sat, 28 May 2016 23:16:34 +0200
Message-id: <[🔎] CAK0OdpzZ_BdMdr-8OAHKm2RqA9u6A4YkpTW7-TmAM_1jW1Z5+A@mail.gmail.com>
Reply-to: balint@balintreczey.hu
In-reply-to: <[🔎] 20160518002155.GC28133@gaara.hadrons.org>
References: <[🔎] CAK0Odpw3LjhZdAqOBvo91Vv5O4DzpzR23_zHxLYdux5OvNGRXw@mail.gmail.com> <[🔎] 5738C4C2.6020907@thykier.net> <[🔎] CAK0Odpz148VAtR4mSh3gWUmnjnGToaAJbeDWfa7NmZBBO0O_1Q@mail.gmail.com> <[🔎] 20160515211055.GA17355@teal.hq.k1024.org> <[🔎] 573AED89.3040006@debian.org> <[🔎] 20160518002155.GC28133@gaara.hadrons.org>

Hi,

2016-05-18 2:21 GMT+02:00 Guillem Jover <guillem@debian.org>:
> On Tue, 2016-05-17 at 12:08:09 +0200, Matthias Klose wrote:
>> I'm not a fan myself for turning on hardening flags in the compiler itself,
>> but if you do that, then dpkg issues like https://bugs.debian.org/823869
>> need to be addressed (whether all obscure build systems picking these up, or
>> not).
>
> That bug report is not relevant in its current form, as explained
> there.
>
> If the default changes in the Debian default compiler, then I'll just
> make the +pie option a no-op and change -pie to set -fno-PIE, so that
> the options are only added when they are expected.
>
> The difference with that request is that it would currently add
> -fno-PIE for most packages that do not change the default flags,
> which might break their build-systems.

Thank you Guilllem.

Matthias, are you OK with the resolution of #823869 and would you be
OK with using --enable-default-pie for GCC if dpkg adopts the solution
described above?

Cheers,
Balint

Reply to:

References:
- PIE + bindnow for Stretch?(Re: Time to reevaluate the cost of -fPIC?)
  - From: Bálint Réczey <balint@balintreczey.hu>
- Re: PIE + bindnow for Stretch?(Re: Time to reevaluate the cost of -fPIC?)
  - From: Niels Thykier <niels@thykier.net>
- Re: PIE + bindnow for Stretch?(Re: Time to reevaluate the cost of -fPIC?)
  - From: Bálint Réczey <balint@balintreczey.hu>
- Re: PIE + bindnow for Stretch?(Re: Time to reevaluate the cost of -fPIC?)
  - From: Iustin Pop <iustin@debian.org>
- Re: PIE + bindnow for Stretch?(Re: Time to reevaluate the cost of -fPIC?)
  - From: Matthias Klose <doko@debian.org>
- Re: PIE + bindnow for Stretch?(Re: Time to reevaluate the cost of -fPIC?)
  - From: Guillem Jover <guillem@debian.org>

Prev by Date: Re: package versions with snapshots/branch updates (was: Re: Accepted gcc-5 5.3.1-21 (source) into unstable)
Next by Date: Re: package versions with snapshots/branch updates (was: Re: Accepted gcc-5 5.3.1-21 (source) into unstable)
Previous by thread: Re: PIE + bindnow for Stretch?(Re: Time to reevaluate the cost of -fPIC?)
Next by thread: Re: PIE + bindnow for Stretch?(Re: Time to reevaluate the cost of -fPIC?)
Index(es):
- Date
- Thread