sudo and changes in packaging guidelines

Toshio Kuratomi a.badger at gmail.com
Fri Apr 13 17:47:00 UTC 2012


On Fri, Apr 13, 2012 at 12:36:36PM -0500, Jon Ciesla wrote:
> On Fri, Apr 13, 2012 at 12:32 PM, Richard W.M. Jones <rjones at redhat.com> wrote:
> > On Fri, Apr 13, 2012 at 05:37:12PM +0200, Mattia Verga wrote:
> >> Greetings,
> >> I saw the changes in packaging guidelines related to PIE:
> >>
> >> /If your package meets the following criteria you *MUST* enable the
> >> PIE compiler flags: /
> >>
> >>  * /Your package is long running. This means it's likely to be started
> >>    and keep running until the machine is rebooted, not start on demand
> >>    and quit on idle. /
> >>
> >>  * /Your package has suid binaries, or binaries with capabilities. /
> >>
> >>  * /Your package runs as root. /
> >
> > [from: http://fedoraproject.org/wiki/Packaging:Guidelines#PIE]
> >
> > I'm not sure I understand how to parse this.
> >
> > - Is the above an 'AND' or an 'OR' set of requirements?
> 
> OR.
> 
> > - What happens if the program isn't written in C?
> 
> If it's not C, C++, etc, it's not applicable.  I don't believe it
> applies to other compiled languages.
> 
Although (since I know Rich works on OCaml stuff) since OCaml is compiled to
C before being compiled to object code, this section might still apply.
Anyone with more knowledge on that want to speak up?

-Toshio
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20120413/01b8fb19/attachment.sig>


More information about the devel mailing list