On Tue, Dec 18, 2012 at 1:44 AM, Mike Frysinger <vapier@xxxxxxxxxx> wrote: > On Tuesday 18 December 2012 01:10:14 Jeffrey Walton wrote: >> If you are going to try the waters with warnings, you should also >> consider the flags to integrate with platform security. >> >> Platform security integration includes fortified sources and stack >> protectors. Here are the flags of interest: >> * -fstack-protector-all >> * -z,noexecstack >> * -z,noexecheap (or other measure, such as W^X) >> * -z,relro >> * -z,now >> * -fPIE and -pie for executables > > if you do choose to add these to your configure script, you should provide a > flag to control the behavior (default enabling is OK). some of these are not > cheap, especially for some architectures. Good point. A noexec stack or noexec heap can be costly if using PaX. What abstractions does Autoconf have to identify platforms and security measures so a maintainer can supply one configure that works for all platforms and architectures? For example, noexec stacks should be enabled by default on x86 and x64. To split hairs even further, noexec stacks should be on by default for x86 and x64, while noexec heaps should be in effect on Gentoo systems running on x86 and x64. Leaving these security related decisions to developers has a history of failures due to gaps in awareness and knowledge (confer: audit the software at ftp.gnu.org). In this case, Autoconf can close the gap and be part of the solution. Jeff _______________________________________________ Autoconf mailing list Autoconf@xxxxxxx https://lists.gnu.org/mailman/listinfo/autoconf
