Hi,
As of today, with current Sid on amd64:
$hardening-check /usr/bin/iceweasel
/usr/bin/iceweasel:
Position Independent Executable: no, normal executable!
Stack protected: yes
Fortify Source functions: yes (some protected functions found)
Read-only relocations: no, not found!
Immediate binding: no, not found!
Is it possible to re-consider enabling the other hardening options?
Namely PIE, RELRO and BINDNOW
Virtually all the other distributions enable all hardening bells and
whistles as they consider web-browsers critical packages. IMHO
firefox had enough memory corruption bugs documented over the years
to warrant the performance cost of enabling these options.
Regards,
Florent
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
