Harden_all_packages_with_position-independent_code + guile modules
Nikos Mavrogiannopoulos
nmav at redhat.com
Mon Mar 16 09:57:41 UTC 2015
On Mon, 2015-03-16 at 10:19 +0100, Reindl Harald wrote:
>
> Am 16.03.2015 um 09:47 schrieb Nikos Mavrogiannopoulos:
> > What was the rationale of adding -z now to the hardening flags? Looking
> > its description doesn't reveal any "hardening" features, and the gnutls
> > guile module failure to build seems to be directly related to that flag:
> > https://bugzilla.redhat.com/show_bug.cgi?id=1196556
>
> FULL RELRO
> http://tk-blog.blogspot.co.at/2009/02/relro-not-so-well-known-memory.html
If that's all we got I suggest to remove this flag or (better) provide a
way for applications that use modules to compile themselves, without
removing the whole set of hardening flags.
More information about the devel
mailing list