Re: Updated patch for pkgsrc hardening

To: tech-pkg%netbsd.org@localhost
Subject: Re: Updated patch for pkgsrc hardening
From: Joerg Sonnenberger <joerg%britannica.bec.de@localhost>
Date: Thu, 3 Mar 2016 11:11:23 +0100

On Tue, Mar 01, 2016 at 01:03:06AM +0100, Pierre Pronchery wrote:
> +.if ${PKGSRC_MKPIE:Uyes} != "no"
> +# build position-independent code (with GCC, for ASLR)
> +PIE_CFLAGS?=	-fPIC
> +# XXX for executables it should be:
> +# PIE_CFLAGS?=	-fPIE
> +_GCC_CFLAGS+=	${PIE_CFLAGS}
> +PIE_LDFLAGS?=	-Wl,-pie -shared-libgcc
> +# XXX for libraries a sink wrapper around gcc is required
> +# _GCC_LDFLAGS+=-Wl,-pie
> +.endif

As I already said the last time, this is still the wrong way to link
PIE.

Joerg

Follow-Ups:
- Re: Updated patch for pkgsrc hardening
  - From: Pierre Pronchery

References:
- Updated patch for pkgsrc hardening
  - From: Pierre Pronchery

Prev by Date: Re: Updated patch for pkgsrc hardening
Next by Date: Re: Updated patch for pkgsrc hardening
Previous by Thread: Re: Updated patch for pkgsrc hardening
Next by Thread: Re: Updated patch for pkgsrc hardening
Indexes:

Home | Main Index | Thread Index | Old Index