In Edgy, we enabled "-fstack-protector" to gain protections against stack overflow attacks. For Intrepid, we've added more:

-Wl,-z,relro

This is designed to provide some protection to ELF binaries so they can have their runtime link maps not as useful a target for attackers. Daemons and other programs that are more interested in security than time-to-load can also add "-Wl,-z,now" for maximal benefit. If this option causes problems, you can add "-Wl,-z,norelro" to LDFLAGS.

-Wformat -Wformat-security

This is designed to warn during compile-time about potentially unsafe format string usage. Generally "%s" is missing: 'printf(buffer);' instead of the correct 'printf("%s",buffer);' These warnings will frequently not point to security issues, but I urge everyone to fix them if you see them anyway. To disable format-security warnings when you run with -Wall, use "-Wno-format-security". To disable all format warnings, use "-Wformat=0".

-D_FORTIFY_SOURCE=2

This is going to cause the most pain for this release -- this option enables checks for common unsafe usage of various libc functions (read, strcpy, memcpy, sprintf, printf, system, etc). Most of the errors will be real things that need to be fixed in the source, with varying degree of importance. Even if they don't turn out to be serious issues, they will improve the overall quality of code in Ubuntu. To disable these checks, use "-U_FORTIFY_SOURCE" in your CPPFLAGS.

Further details and examples of failure conditions are written up in the wiki:
https://wiki.ubuntu.com/CompilerFlags

Thanks in advance for everyone's time and attention for fixing the issues that will crop up. :)

-Kees

--
Kees Cook
Ubuntu Security Team