On Mon, Feb 20, 2012 at 09:28:49PM +0100, Simon Ruderich wrote:
> On Sun, Feb 19, 2012 at 10:39:40PM -0500, Ted Ts'o wrote:
> > I don't understand, but it looks like the hardening flags are being
> > passed, but either (a) they are't correct, or (b) they seemingly have
> > no effect. Can you help me? What have I missed?
>
> The hardening flags in the build log you posted are correct - and
> have an effect in your local build.
OK, so, this is considered an acceptable result?
<ty...@tytso-glaptop.cam.corp.google.com> {/kbuild/debian/e2fsprogs-1.42.1}
530% hardening-check debian/BUILD-STD/e2fsck/e2fsck
debian/BUILD-STD/e2fsck/e2fsck:
Position Independent Executable: no, normal executable!
Stack protected: yes
Fortify Source functions: yes (some protected functions found)
Read-only relocations: yes
Immediate binding: no not found!
i.e., it's ok for the purposes of the hardening effort for the
executable to not be PIE, and not to have immediate binding enabled?
Thanks,
- Ted
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
