https://bugzilla.redhat.com/show_bug.cgi?id=977446 --- Comment #17 from Björn Esser <bjoern.esser@xxxxxxxxx> --- (In reply to Richard W.M. Jones from comment #14) > It's still not quite right. With this change, I get: > > $ hardening-check /usr/lib64/nbdkit/plugins/nbdkit-example1-plugin.so > /usr/lib64/nbdkit/plugins/nbdkit-example1-plugin.so: > Position Independent Executable: no, regular shared library (ignored) > Stack protected: no, not found! > Fortify Source functions: no, only unprotected functions found! > Read-only relocations: yes > Immediate binding: yes > > It looks like fortify source CFLAGS are being dropped somewhere. According to build.log CFLAGS are always applied correctly. Do these plugins which fail stack-protector even do any operation on stack or are they performing on heap, only? -- You are receiving this mail because: You are on the CC list for the bug. Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=i7jYX6xsCu&a=cc_unsubscribe _______________________________________________ package-review mailing list package-review@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/package-review