https://bugzilla.redhat.com/show_bug.cgi?id=974145 Björn Esser <bjoern.esser@xxxxxxxxx> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |bjoern.esser@xxxxxxxxx --- Comment #1 from Björn Esser <bjoern.esser@xxxxxxxxx> --- Since your package ships a daemon (bluetoothd), I think it should build fully hardened. [1] /usr/libexec/bluetooth/bluetoothd: Position Independent Executable: no, normal executable! Stack protected: yes Fortify Source functions: yes (some protected functions found) unprotected: poll unprotected: strncpy unprotected: memset unprotected: snprintf unprotected: strcat unprotected: memmove unprotected: read unprotected: recv unprotected: strcpy unprotected: memcpy unprotected: sprintf unprotected: fread protected: fdelt protected: strncpy protected: vsnprintf protected: strncat protected: snprintf protected: strcat protected: vfprintf protected: vsyslog protected: strcpy protected: memcpy protected: printf protected: sprintf protected: syslog Read-only relocations: yes Immediate binding: no, not found! consider adding `%global _hardened_build 1` on top of spec enabling PIE and fully functional RELRO. [1] https://fedoraproject.org/wiki/Packaging:Guidelines?rd=Packaging/Guidelines#PIE -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=msnZhFakWd&a=cc_unsubscribe _______________________________________________ package-review mailing list package-review@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/package-review