----- Original Message ----- > From: "mrnuke" <mr.nuke.me@xxxxxxxxx> > To: devel@xxxxxxxxxxxxxxxxxxxxxxx > Sent: Thursday, December 5, 2013 3:37:14 PM > Subject: Re: FTBFS if "-Werror=format-security" flag is used > > On 12/05/2013 07:38 AM, Ralf Corsepius wrote: > > As I see it, GCC's -Wformat-security is too unreliable to be used in > > production. It certainly diagnoses valid security leaks in some cases, > > but all it does in other cases is to enforce stylishness to work outs > > GCC's limitations. I.e. in these case it effectively only causes churn. > > > > I.e. I see sense in adding it to %optflags as a warning (-W...), but > > raising this warning to an error (-Werror=...) at this point in time > > qualifies as not helpful. > > > +1 I think the point of turning the warning into explicit error is to intentionally make the package / source build failing to indicate there's an error present somewhere in the code and that it should be fixed. Better to be safe than sorry (in this context better to fix all known format string flaws ahead rather to wait till someone actually takes the time and effort to show it's exploitable [like in the mentioned sudo case already]). In that scenario it will need to be fixed anyway (and possibly yet in more hurry than it's now). Just my 2 cents. Regards, Jan. -- Jan iankko Lieskovsky / Red Hat Security Technologies Team > -- > devel mailing list > devel@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/devel > Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
