Harden_all_packages_with_position-independent_code + guile modules

Tom Hughes tom at compton.nu
Thu Mar 12 14:49:03 UTC 2015

On 12/03/15 14:41, Adam Jackson wrote:
> On Thu, 2015-03-12 at 13:45 +0000, Petr Pisar wrote:
>> However I can add my recent story: After hardening perl, loading a DSO
>> by perl failed. I believe the reason was the DSO had an undefined symbol
>> which was not defined in any SO_NEEDed libraries. But because the symbol
>> was never used at run-time, before hardening the executable, run-time
>> linking passed. But after hardening, the -znow feature caused resolving
>> all symbols at link time, including the missing symbol, so dlopen(3)
>> failed.
> We may want to revisit this, honestly.  The actual proposal was just to
> build executables as PIE, right?  Forcing -z now is a bit more than
> maybe was expected.

On top of which there seems, despite a number of questions posted here 
since the change went live, very little assistance from the proposal 
owners with fixing packages that have been broken by it.


Tom Hughes (tom at compton.nu)

More information about the devel mailing list