FTBFS if "-Werror=format-security" flag is used
Michael scherer
misc at zarb.org
Thu Dec 5 17:38:40 UTC 2013
On Wed, Dec 04, 2013 at 08:25:54PM -0600, mrnuke wrote:
> On 12/04/2013 12:10 PM, Brendan Jones wrote:
> >
> > This is just a pain. Can someone explain to me why this is good?
> >
> Good or not, this is not the right question to ask.
>
> * Is this necessarry, and are the benefits worth the pains? *
>
> This change is Sofa King stupid. Why couldn't we have just enabled the
> warning without turning it into an error, THEN let packagers work with
> upstream in fixing those warnings? Regulate, not ban.
Because packagers will just ignore it like some currently ignore rpmlint
or various checks, and in turn this just produce noises for anyone looking to
see if something need to be fixed or not.
There is also the case where the code look fine, so you start to ignore the
warning, then upstream change the code, and now, this is exploitable and problematic,
but since people stop to cared about it, no one know until someone exploit it.
Let's rather ask the contrary, why is this so much a issue to communicate
with upstream to fix things, and add patches ?
This is not a issue for Debian and Ubuntu, this was not for Mandriva and Mageia
when similar changes have been enforced and usually, most upstream are receptive,
so i really fail to see why there is people complaining.
--
Michael Scherer
More information about the devel
mailing list