https://bugzilla.redhat.com/show_bug.cgi?id=977446

--- Comment #21 from Richard W.M. Jones <rjones@xxxxxxxxxx> ---
(In reply to Björn Esser from comment #17)
> (In reply to Richard W.M. Jones from comment #14)
> > It's still not quite right. With this change, I get:
> >
> > $ hardening-check /usr/lib64/nbdkit/plugins/nbdkit-example1-plugin.so
> > /usr/lib64/nbdkit/plugins/nbdkit-example1-plugin.so:
> >  Position Independent Executable: no, regular shared library (ignored)
> >  Stack protected: no, not found!
> >  Fortify Source functions: no, only unprotected functions found!
> >  Read-only relocations: yes
> >  Immediate binding: yes
> >
> > It looks like fortify source CFLAGS are being dropped somewhere.
>
> According to build.log CFLAGS are always applied correctly. Do these
> plugins which fail stack-protector even do any operation on stack or are
> they performing on heap, only?

OK looks like this is a false alarm:

https://lists.fedoraproject.org/pipermail/devel/2013-June/184424.html

I have checked the xz plugin and it is indeed being fully hardened:

https://lists.fedoraproject.org/pipermail/devel/2013-June/184428.html

_______________________________________________
package-review mailing list
package-review@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/package-review