[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [autoconf] Problems Configuring (C Compiler cannot produce executabl
From: |
Jeffrey Walton |
Subject: |
Re: [autoconf] Problems Configuring (C Compiler cannot produce executables) |
Date: |
Wed, 22 Aug 2012 18:29:57 -0400 |
On Wed, Aug 22, 2012 at 6:17 PM, Jeffrey Walton <address@hidden> wrote:
> On Wed, Aug 22, 2012 at 3:36 PM, Russ Allbery <address@hidden> wrote:
>> Jeffrey Walton <address@hidden> writes:
>>
>> Here's what Debian is using:
>>
>> CFLAGS=-g -O2 -fPIE -fstack-protector --param=ssp-buffer-size=4 -Wformat
>> -Werror=format-security
>> CPPFLAGS=-D_FORTIFY_SOURCE=2
>> CXXFLAGS=-g -O2 -fPIE -fstack-protector --param=ssp-buffer-size=4 -Wformat
>> -Werror=format-security
>> FFLAGS=-g -O2
>> LDFLAGS=-fPIE -pie -Wl,-z,relro -Wl,-z,now
> Debian does a good job. I think there is room for improvement (such as
> DEP and ASLR), and hope the maintainers stiffen their security posture
> in the future.
Forgot to mention.... I know some folks in DoD that have some really
interesting stack based attacks. They can take out an innocent looking
frame in an area different than the call site. Hence the reason to
consider -fstack-protector-all (make it as painful as possible on
them).
Jeff
- Re: [autoconf] Problems Configuring (C Compiler cannot produce executables), (continued)
- Re: [autoconf] Problems Configuring (C Compiler cannot produce executables), Russ Allbery, 2012/08/22
- Re: [autoconf] Problems Configuring (C Compiler cannot produce executables), Jeffrey Walton, 2012/08/22
- Re: [autoconf] Problems Configuring (C Compiler cannot produce executables), Russ Allbery, 2012/08/22
- Re: [autoconf] Problems Configuring (C Compiler cannot produce executables), Mike Frysinger, 2012/08/22
- Re: [autoconf] Problems Configuring (C Compiler cannot produce executables), Jeffrey Walton, 2012/08/23
- Re: [autoconf] Problems Configuring (C Compiler cannot produce executables), Jeffrey Walton, 2012/08/23
- Re: [autoconf] Problems Configuring (C Compiler cannot produce executables),
Jeffrey Walton <=
- Re: [autoconf] Problems Configuring (C Compiler cannot produce executables), Mike Frysinger, 2012/08/22
- Re: [autoconf] Problems Configuring (C Compiler cannot produce executables), Jeffrey Walton, 2012/08/23
- Re: Problems Configuring (C Compiler cannot produce executables), Miles Bader, 2012/08/23
- Re: Problems Configuring (C Compiler cannot produce executables), Russ Allbery, 2012/08/23
- Re: [autoconf] Re: Problems Configuring (C Compiler cannot produce executables), suzuki toshiya, 2012/08/23
- Re: Problems Configuring (C Compiler cannot produce executables), Ralf Corsepius, 2012/08/23
- Re: Problems Configuring (C Compiler cannot produce executables), Russ Allbery, 2012/08/23
- Re: [autoconf] Problems Configuring (C Compiler cannot produce executables), Mike Frysinger, 2012/08/22
- Re: [autoconf] Problems Configuring (C Compiler cannot produce executables), Jeffrey Walton, 2012/08/22
- Re: [autoconf] Problems Configuring (C Compiler cannot produce executables), Mike Frysinger, 2012/08/22