On Tuesday 18 December 2012 01:10:14 Jeffrey Walton wrote: > If you are going to try the waters with warnings, you should also > consider the flags to integrate with platform security. > > Platform security integration includes fortified sources and stack > protectors. Here are the flags of interest: > * -fstack-protector-all > * -z,noexecstack > * -z,noexecheap (or other measure, such as W^X) > * -z,relro > * -z,now > * -fPIE and -pie for executables if you do choose to add these to your configure script, you should provide a flag to control the behavior (default enabling is OK). some of these are not cheap, especially for some architectures. -mike
Attachment:
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Autoconf mailing list Autoconf@xxxxxxx https://lists.gnu.org/mailman/listinfo/autoconf
