Re: _hardened_build not affecting libtool-compiled libraries

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Mon, Jun 24, 2013 at 8:46 PM, Richard W.M. Jones <rjones@xxxxxxxxxx> wrote:
> but the plugins from that build are not hardened fully:
Isn't it possible that the plugins are just so trivial that there were
no opportunities for hardening?

>   $ hardening-check ./usr/lib64/nbdkit/plugins/nbdkit-example1-plugin.so
>   ./usr/lib64/nbdkit/plugins/nbdkit-example1-plugin.so:
>    Position Independent Executable: no, regular shared library (ignored)
>    Stack protected: no, not found!
No on-stack arrays that I can find.

>    Fortify Source functions: no, only unprotected functions found!
I can see libc calls with compile-time-known destination sizes except
for example1_load () where it can be statically proven the call is
safe.
    Mirek
-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux