Hello folks,
I'm looking at this feature:
https://fedoraproject.org/wiki/Changes/Harden_All_Packages
<quote>
How To Test
Running checksec should always report only
Full RELRO Canary found NX enabled PIE enabled No RPATH No RUNPATH
otherwise a tracking bug should exist for the respective packages
</quote>
On a current Rawhide installation I'm seeing lots of potential failures, for
example:
Partial RELRO Canary found NX enabled No PIE No RPATH No
RUNPATH
Question is how to deal with these because they appear to be in the hundreds ?
I will do my best to filter out any false negatives and group the results per
package but this still leaves quite a big number of bugs to report.
How do you feel about reporting all of these offences automatically ? Are there
any known exceptions which should be mentioned in the wiki page above ?
--
Alex
--
packaging mailing list
packaging@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/packaging
