Hi, As of today, with current Sid on amd64:
$hardening-check /usr/bin/iceweasel /usr/bin/iceweasel: Position Independent Executable: no, normal executable! Stack protected: yes Fortify Source functions: yes (some protected functions found) Read-only relocations: no, not found! Immediate binding: no, not found! Is it possible to re-consider enabling the other hardening options? Namely PIE, RELRO and BINDNOW Virtually all the other distributions enable all hardening bells and whistles as they consider web-browsers critical packages. IMHO firefox had enough memory corruption bugs documented over the years to warrant the performance cost of enabling these options. Regards, Florent -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org