[hardening-discuss] Bug#836162: diversions for linkers need an update
Niels Thykier
niels at thykier.net
Fri Oct 7 05:35:00 UTC 2016
Moritz Muehlenhoff:
> On Wed, Sep 14, 2016 at 10:03:51PM -0700, Kees Cook wrote:
>> On Thu, Sep 01, 2016 at 05:17:06PM +0200, Moritz Muehlenhoff wrote:
>>> I think we should remove hardening-wrapper for the stretch release? dpkg-buildflags/dh
>>> are around for a long time now and we're down to about 50 reverse dependencies at
>>> this point. Plus, lintian marks it as deprecated for quite a while now.
>>>
>>> Kees, what do you think?
>>
>> Yeah, it (and hardening-includes) should get removed in favor of
>> the dpkg-buildflags method. However, this means we need to move the
>> "hardening-check" script from hardening-includes to lintian, probably.
>
> hardening-wrapper has now been removed, so hardening-check needs a new
> home.
>
> Adding the Lintian maintainers to CC, what's your opinion on merging it into
> lintian?
>
> Cheers,
> Moritz
>
Lintian has embedded the checks, but has not taken over the tool.
There were talk about putting the actual tool in devscritps, but I don't
know what happened with that. That said, I do not feel the tool fits
into lintian - at least not with lintian current design.
Thanks,
~Niels
More information about the hardening-discuss
mailing list