* Ben Cotton:
'''-Wformat -Wformat-security -fstack-protector-strong
--param=ssp-buffer-size=4 -D_FORTIFY_SOURCE=2 -O'''''
--param=ssp-buffer-size=4 will not affect anything because
-fstack-protector-strong uses a completely different heuristic.
== Benefit to Fedora ==
We provide better security both for our packages and for
applications/programs which users are building.
We can check using annocheck if there are packages missing hardening and
fix them. What's the current level of coverage we have?
Have the Red Hat Enterprise Linux 8 packaging changes been upstreamed?
We were aiming for nearly-complete coverage there.
== Scope ==
* Proposal owners: Patch gcc to enable these options by default. Patch
should be very simple, since the compile/link code isn't actually
touched.
-D_FORTIFY_SOURCE=2 by default needs patching of glibc because of the
pesky warning it prints without optimization.
What about PIE by default and non-lazy binding by default? These two
are probably the two hardest to get right with CFLAGS/LDFLAGS injection.
(PIE is the reason for the -specs= hack.)
PIE-by-default compilers are very common already, although there are
many StackOverflow questions from people who use them and follow older
training material.
Thanks,
Florian
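
The two properties raised at the end of the message above, PIE and non-lazy binding, can be read straight from a binary's ELF header and dynamic section. The following is an added example, not code from this thread and not how annocheck is implemented; it handles little-endian ELF64 only, the PIE test is a simplified heuristic, and `check_elf` and `build_sample` are hypothetical names, the latter building constructed test input.

```python
import struct

# Constants from the ELF gABI / glibc <elf.h>.
ET_DYN, PT_DYNAMIC, PT_INTERP = 3, 2, 3
DT_NULL, DT_BIND_NOW, DT_FLAGS, DT_FLAGS_1 = 0, 24, 30, 0x6FFFFFFB
DF_BIND_NOW, DF_1_NOW, DF_1_PIE = 0x8, 0x1, 0x08000000

def check_elf(data):
    """Return {'pie': bool, 'bind_now': bool} for a little-endian ELF64 image."""
    if data[:4] != b"\x7fELF" or data[4:6] != b"\x02\x01":
        raise ValueError("not a little-endian ELF64 file")
    (e_type,) = struct.unpack_from("<H", data, 16)
    (e_phoff,) = struct.unpack_from("<Q", data, 32)
    e_phentsize, e_phnum = struct.unpack_from("<HH", data, 54)
    has_interp, flags, flags_1, bind_now = False, 0, 0, False
    for i in range(e_phnum):
        base = e_phoff + i * e_phentsize
        p_type, _, p_offset = struct.unpack_from("<IIQ", data, base)
        (p_filesz,) = struct.unpack_from("<Q", data, base + 32)
        if p_type == PT_INTERP:
            has_interp = True
        elif p_type == PT_DYNAMIC:
            # Walk the Elf64_Dyn entries (16 bytes each) up to DT_NULL.
            for off in range(p_offset, p_offset + p_filesz, 16):
                d_tag, d_val = struct.unpack_from("<qQ", data, off)
                if d_tag == DT_NULL:
                    break
                if d_tag == DT_BIND_NOW:
                    bind_now = True
                elif d_tag == DT_FLAGS:
                    flags = d_val
                elif d_tag == DT_FLAGS_1:
                    flags_1 = d_val
    # Heuristic: a PIE is ET_DYN and either marked DF_1_PIE or has an interpreter.
    pie = e_type == ET_DYN and (bool(flags_1 & DF_1_PIE) or has_interp)
    bind_now = bind_now or bool(flags & DF_BIND_NOW) or bool(flags_1 & DF_1_NOW)
    return {"pie": pie, "bind_now": bind_now}

def build_sample(e_type, dyn, interp=True):
    """Constructed test input: ELF header, program headers and .dynamic only."""
    dyn_bytes = b"".join(struct.pack("<qQ", t, v) for t, v in dyn + [(DT_NULL, 0)])
    n = 2 if interp else 1
    phdrs = [(PT_INTERP, 0, 0)] * interp + [(PT_DYNAMIC, 64 + 56 * n, len(dyn_bytes))]
    ehdr = struct.pack("<16sHHIQQQIHHHHHH", b"\x7fELF\x02\x01\x01" + bytes(9),
                       e_type, 62, 1, 0, 64, 0, 0, 64, 56, n, 0, 0, 0)
    body = b"".join(struct.pack("<IIQQQQQQ", t, 0, o, 0, 0, s, s, 0) for t, o, s in phdrs)
    return ehdr + body + dyn_bytes
```

To inspect a real file, pass its bytes: `check_elf(open(path, "rb").read())`.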