So everything in Rawhide must be compiled with -fPIC?

Till Maas opensource at till.name
Thu Feb 19 19:34:58 UTC 2015


On Thu, Feb 19, 2015 at 08:15:19PM +0100, Jakub Jelinek wrote:

> I've never argumented against the goal that web browser or all network aware
> services should be PIEs, after all, why would we (Ulrich Drepper and myself)
> add the PIE support into the toolchain otherwise?
> I'm just not convinced most of the unpriviledged programs should be PIEs.

Thanks to e.g. e-mail about any program can be made to run untrusted
data, e.g. PDF readers, office suites, image viewers, if you open an
attachment of the respective type. Therefore it makes a sane default
IMHO. It is also something to attract users that care about security
very much to Fedora.

Regards
Till


More information about the devel mailing list