i get somehow tired to report bugs for several packages, refresh them at each release because maintainers ignore guidelines all the time some of them responded and fixed their packages some insist to ignore them https://fedoraproject.org/wiki/Packaging:Guidelines?rd=Packaging/Guidelines#PIE If your package meets any of the following criteria you MUST enable the PIE compiler flags: * Your package is long running * Your package runs as root ____________________________________________ since there is nobody logged in these are *all* long running processes and enough of them even running as root and so match *two* reasons for harden them [root@srv-rhsoft:~]$ checksec --proc-all | grep "No PIE" X 21342 Partial RELRO Canary found NX enabled No PIE login 26045 Partial RELRO Canary found NX enabled No PIE alsactl 642 Partial RELRO Canary found NX enabled No PIE mdadm 651 Partial RELRO Canary found NX enabled No PIE upowerd 704 Partial RELRO Canary found NX enabled No PIE avahi-daemon 705 Partial RELRO Canary found NX enabled No PIE rtkit-daemon 718 Partial RELRO Canary found NX enabled No PIE pulseaudio 869 Full RELRO Canary found NX enabled No PIE
Attachment:
signature.asc
Description: OpenPGP digital signature
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
