[Pkg-shadow-devel] Bug#657010: [login] 'su' should be PIE

Török Edwin edwintorok at gmail.com
Tue Jan 24 19:37:58 UTC 2012

On 01/24/2012 09:13 PM, Nicolas François wrote:
> Hi,
> On Tue, Jan 24, 2012 at 02:28:06PM +0200, xrgtn at yandex.ru wrote:
>> Currently I'm reading the
>> http://wiki.debian.org/Hardening#Using_Hardening_Options
>> part, but it's still unclear for me how to apply
>> this stuff to shadow builds (assuming that the
>> last time I built shadow was more than 4 years ago
>> IIRC).
> After a few failures, I think I get a working patch for debian/rules.
> I still need to check whether the test suite pass successfully.
> Are there some known issues with the hardening flags that should be
> checked specifically?
> (except for performances, which should not be a problem for shadow utils).

With a recent GCC (and GDB) everything should be fine, hopefully it'll fail at build time if anything
is very wrong (like a failing -Wformat check).

But you might want to check if you can still debug it properly with GDB,
at least if stack traces still work or not.
(trigger a crash on purpose for example and see if the crash has a proper backtrace).

Best regards,

More information about the Pkg-shadow-devel mailing list