smf icon indicating copy to clipboard operation
smf copied to clipboard
verified publisher icon smfrpc

pass -fPIC to all deps

Open emaxerrno opened this issue 6 years ago • 3 comments

Just like we did for boost, we need to pass test that we are always building ourselves and deps with -fPIC so we can ship binaries around servers.

emaxerrno avatar Mar 30 '19 22:03 emaxerrno

/cc @noahdesu

emaxerrno avatar Mar 30 '19 22:03 emaxerrno 


➜  debug git:(master) hardening-check bin/smf_demo_server 
bin/smf_demo_server:
 Position Independent Executable: no, normal executable!
 Stack protected: yes
 Fortify Source functions: no, only unprotected functions found!
 Read-only relocations: yes
 Immediate binding: no, not found!

emaxerrno avatar Mar 30 '19 22:03 emaxerrno

https://capsule8.com/blog/millions-of-binaries-later-a-look-into-linux-hardening-in-the-wild/

emaxerrno avatar Mar 30 '19 22:03 emaxerrno