release goal proposal: enable hardening build flags


I would like to propose a release goal of enabling hardening build flags[1]
for all C/C++ packages in the archive[2]. For Wheezy, specific sub-goals are
being chosen.

The default flags are almost settled[3], additional subgoals may come
up[4], and more work is needed to identify the specific packages involved
in the subgoals[5], but I'd like to get the ball rolling on this as a
release goal.



[1] http://wiki.debian.org/Hardening

[2] http://wiki.debian.org/ReleaseGoals/Hardening

[3] http://lists.debian.org/debian-dpkg/2011/09/msg00025.html

[4] http://lists.debian.org/debian-devel/2011/09/msg00071.html

[5] http://anonscm.debian.org/viewvc/secure-testing/hardening/subgoal-important.txt?view=log

Kees Cook                                            @debian.org

