On Sat, 31 Dec 2011, Moritz Muehlenhoff wrote:

> Package: diffutils
> Version: 1:3.2-1
> Severity: important
> Tags: patch
> 
> Please enable hardened build flags through dpkg-buildflags.
> 
> Patch attached. (dpkg-buildflags abides "noopt" from DEB_BUILD_OPTIONS)

Applied the patch and this is what hardening-check now tells me:

/usr/bin/diff:
 Position Independent Executable: no, normal executable!
 Stack protected: yes
 Fortify Source functions: yes (some protected functions found)
 Read-only relocations: yes
 Immediate binding: no not found!

The wiki page, namely:

http://wiki.debian.org/Hardening#Validation

has a paragraph explaining "Stack protected" and another one explaining
"Fortify Source functions", but does not say anything about "Position
Independent Executable" or "Immediate binding".

So: Am I doing anything wrong, or maybe the web page should also tell
something about cases where Position Independent Executable is "no"
but it's also ok? (resp. Immediate binding).

Thanks.


