intrigeri: > Hi Chris, > > Chris Lamb: >>> lintian: Please identify lack of sanitation compiler/linker flags > >> Is this not covered by the following tags? > >> hardening-no-bindnow >> hardening-no-fortify-functions >> hardening-no-pie >> hardening-no-relro > > Nope: this bug report is about another debugging/hardening option > (ASan and friends). > >> (etc.) > > Maybe :) > > Cheers, >
Hi, Having read http://www.openwall.com/lists/oss-security/2016/02/17/9 which Jakub Wilk linked to, I do not think the sanitizers in their current form are ready for arbitrary cases. If we could have most of the advantages of these sanitizers without introducing trivial "local-user-to-root-via-setuid" exploits and some of the other issues, then I would personally be much more supportive of this. Thanks, ~Niels
