[Aptitude-devel] aptitude 0.6.6-1 available on mentors.d.n

Manuel A. Fernandez Montecelo manuel.montezelo at gmail.com
Tue Mar 27 23:16:34 UTC 2012


Agree with everything and falling asleep, just a quick comment...

2012/3/28 Axel Beckert <abe at debian.org>:
>  Position Independent Executable: no, normal executable!
>  Stack protected: yes
>  Fortify Source functions: yes (some protected functions found)
>  Read-only relocations: yes
>  Immediate binding: no not found!
>
> Doesn't look perfect though as I'd have expected PIE there.

Given that PIE (+pie) and "immediate binding" (+bindnow, I guess) are
the two extra flags added by hardening+=all compared to the default
ones in recent debhelper versions, maybe actually this export thing
has something to do.

Also, IIRC PIE was special due to the need to build all of the objects
(maybe including the shared libraries) with PIE support, which IIRC is
incompatible with PIC, so probably not going to happen.  I don't know
if it fails gracefully when things are incompatible or not, though.

Cheers.



More information about the Aptitude-devel mailing list