[Pkg-shadow-devel] Bug#657010: [login] 'su' should be PIE
Török Edwin
edwintorok at gmail.com
Tue Jan 24 19:37:58 UTC 2012
On 01/24/2012 09:13 PM, Nicolas François wrote:
> Hi,
>
> On Tue, Jan 24, 2012 at 02:28:06PM +0200, xrgtn at yandex.ru wrote:
>>
>> Currently I'm reading the
>> http://wiki.debian.org/Hardening#Using_Hardening_Options
>> part, but it's still unclear for me how to apply
>> this stuff to shadow builds (assuming that the
>> last time I built shadow was more than 4 years ago
>> IIRC).
>
> After a few failures, I think I get a working patch for debian/rules.
> I still need to check whether the test suite pass successfully.
>
> Are there some known issues with the hardening flags that should be
> checked specifically?
> (except for performances, which should not be a problem for shadow utils).
With a recent GCC (and GDB) everything should be fine, hopefully it'll fail at build time if anything
is very wrong (like a failing -Wformat check).
But you might want to check if you can still debug it properly with GDB,
at least if stack traces still work or not.
(trigger a crash on purpose for example and see if the crash has a proper backtrace).
Best regards,
--Edwin
More information about the Pkg-shadow-devel
mailing list