F22 System Wide Change: Harden all packages with position-independent code

Richard W.M. Jones rjones at redhat.com
Tue Jan 13 00:21:15 UTC 2015


On Mon, Jan 12, 2015 at 10:57:50AM -0800, Moez Roy wrote:
> On Sat, Jan 10, 2015 at 6:12 PM, Richard W.M. Jones <rjones at redhat.com> wrote:
> >
> > Does this proposal apply to native non-C/C++ programs?
> >
> > Rich.
> >
> 
> I would like to see this proposal apply to native non-C/C++ programs,
> but I am not sure on how that would be done?
> 
> Do the other compilers understand what needs to be done when they are
> passed '-fPIC -pie' flags?

OCaml has -fPIC.  However I don't know how/if it's possible to enable
PIE on the main executable.  I will need to check when I'm back from
holiday.

OCaml is a memory safe language, so a pure OCaml program just doesn't
suffer from the same kinds of problems that C programs do.  However
"pure OCaml" programs aren't very common - we often link to or write
parts of the program in C, and there things get a bit more
complicated.

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
libguestfs lets you edit virtual machines.  Supports shell scripting,
bindings from many languages.  http://libguestfs.org


More information about the devel mailing list