Bug#654809: enabled hardened build flags
Moritz Muehlenhoff
jmm at inutil.org
Mon Apr 2 15:34:23 UTC 2012
On Mon, Mar 19, 2012 at 08:56:19PM +1100, Karl Goetz wrote:
> On Sun, 18 Mar 2012 16:41:05 +0100
> Moritz Mühlenhoff <jmm at inutil.org> wrote:
>
> > On Wed, Mar 07, 2012 at 11:32:34AM +1100, Karl Goetz wrote:
> > > Failing that, should I just use the submitted patch to cure this
> > > issue?
>
> > I've described the backport-friendly hardening way in
> > http://wiki.debian.org/HardeningWalkthrough
>
> I've built the packages, and we've got (at least some) protection:
>
> ~/src/debian-games/freeciv/debian/freeciv-server/usr/games:master $ !h
> hardening-check freeciv-server
> freeciv-server:
> Position Independent Executable: no, normal executable!
> Stack protected: yes
> Fortify Source functions: yes
> Read-only relocations: yes
> Immediate binding: no, not found!
>
> Is this what you would expect to see? the GTK client returns the same
> set.
Yes, that's the expected outcome for the default flags, see
http://wiki.debian.org/HardeningWalkthrough
Cheers,
Moritz
More information about the Pkg-games-devel
mailing list