Package: nfs-common Version: 1:1.2.8-7 Severity: wishlist
Hi, according to the checksec.sh script, binaries provided by nfs-utils are not compiled with all available hardening features: RELRO STACK CANARY NX PIE RPATH RUNPATH FILE No RELRO No canary found NX enabled No PIE No RPATH No RUNPATH /sbin/rpc.statd Partial RELRO No canary found NX enabled No PIE No RPATH No RUNPATH /usr/sbin/rpc.gssd No RELRO No canary found NX enabled No PIE No RPATH No RUNPATH /usr/sbin/rpc.idmapd Partial RELRO No canary found NX enabled No PIE No RPATH No RUNPATH /usr/sbin/rpc.svcgssd Since those daemons are potentially exposed to untrusted network traffic, could you please compile the package with more hardening features ? -- Laurent. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
