goxel icon indicating copy to clipboard operation
goxel copied to clipboard

Published 20 hours ago verified publisher icon guillaumechereau

Add hardening flags

Open FedericoCeratto opened this issue 7 years ago • 3 comments

Enabled by default.

FedericoCeratto avatar Sep 19 '17 22:09 FedericoCeratto

Travis complains about this one: gcc: error: unrecognized command line option ‘-fstack-protector-strong’

guillaumechereau avatar Sep 20 '17 06:09 guillaumechereau

Sorry coming back to this project after a long period of inactivity. I feel like some of those hardening flags should just be the default instead of using a special 'security' argument for it. What is the advantage of using -fPIE ?

guillaumechereau avatar Aug 13 '22 11:08 guillaumechereau

What is the advantage of using -fPIE ?

Not just security benefits, but have a look at https://en.wikipedia.org/wiki/Position-independent_code#Position-independent_executables

hendursaga avatar Sep 07 '22 20:09 hendursaga

I close this PR for the moment since I don't think it is worth having a 'security' build variant. I still think the build flags could be improved for static analysis if possible.

guillaumechereau avatar Oct 10 '22 04:10 guillaumechereau