[hardening-discuss] Using hardening-wrapper but lintian warning still present
José Luis Segura Lucas
josel.segura at gmx.es
Wed Jun 20 10:21:15 UTC 2012
Hi!
I'm intending to package a software for Debian. I have a Debian package
with some lintian warning about hardening, but I removed most of them
using hardening-wrapper and the env DEB_BUILD_HARDENING=1 in my
debian/rules.
I only have one lintian warning now: hardening-no-fortify-functions
I see that the -D_FORTIFY_SOURCE=2 is included in each compiler
execution. This is the output of hardening-check:
$ hardening-check --verbose /usr/bin/grive
/usr/bin/grive:
Position Independent Executable: yes
Stack protected: yes
Fortify Source functions: no, only unprotected functions found!
unprotected: memmove
unprotected: read
unprotected: memcpy
Read-only relocations: yes
Immediate binding: yes
I asked on debian-devel and they told me that I can add an override if
only memmove ormemcpy is shown, but I have an unprotected read too.
How can I avoid this warning? It is my last problem after doing the RFS...
Best regards and thanks in advance :-)
--
José Luis Segura Lucas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/hardening-discuss/attachments/20120620/6a88ae55/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 554 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/hardening-discuss/attachments/20120620/6a88ae55/attachment.pgp>
More information about the hardening-discuss
mailing list