On Sun, 22 Mar 2015 23:49:30 +0100, Christian Weisgerber wrote:
> I grepped the amd64 bulk build logs for ports that appear to build
> something with -static but without -pie:
Hold your breath, I'm working on making -static generate static PIE by
default. Though it's nice to have a list of ports to watch out for. :)
> benchmarks/bytebench
> cad/ngspice
> devel/lpc21isp
> games/sudoku-solver
> mail/femail
> mail/mini_sendmail
> net/icinga/core
> net/nagios/nagios
> net/nagios/nagios,chroot
> security/aide
> security/chntpw
> security/cryptcat
> security/integrit
> security/shash,static
> security/tempwatch
> shells/sash
> sysutils/memtest86+
This is the only one I know will have to use -nopie explicitly.
> www/fcgi-cgi
>
> Maybe there's the odd one that really can't use PIE, but generally
> I suspect they should build with -static -pie on those archs that
> support it, i.e., they should use "${STATIC}" (ultimately from
> bsd.own.mk) instead of "-static".
>
> --
> Christian "naddy" Weisgerber na...@mips.inka.de
>
>
