F22 System Wide Change: Harden all packages with position-independent code

Kevin Fenzi kevin at scrye.com
Wed Jan 7 21:45:46 UTC 2015


On Wed, 7 Jan 2015 13:17:36 -0800
Moez Roy <moez.roy at gmail.com> wrote:

> I originally made a request to rel-eng here:
> https://fedorahosted.org/rel-eng/ticket/6049 -
> 
> Long running packages in F21 that 'MUST enable the PIE compiler flags'

...snip...

> The above packages don't seem to have PIE enabled.

Some of them don't meet the 'long running' critera. They just happen to
be running when you ran your check. 

> 
> Can someone from releng enable hardening on as many "Long running
> packages" as possible before the next F21 Release Candidate.

No. This is not a releng task. 

This is something that should be done by (in order): 

- The maintainers of these packages. 

- Interested/motivated provenpackagers who want to make the changes and
  bring the packages in line with guidelines. 

- Some other group FESCo is able to task with it (which really might
  come down to just them). 

But since this change is for just globally enabling it, probibly the
best thing to do is wait for this change to be accepted and a mass
rebuild instead of worrying now about specific packages. 

kevin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/devel/attachments/20150107/d4e06ef0/attachment.sig>


More information about the devel mailing list