Package: lintian Version: 2.5.46 Severity: wishlist There are some Windows binaries in Debian. For example the installer ISOs include a Windows installer, but also other packages include these PE binaries. And these days, Windows binaries should have security features enabled by default. But not all of them do, and I believe lintian should detect and warn if we discribute PE binaries without these features enabled.
Here is an example using a 15 year old binary I had lying around: % file WirelessCom2.exe WirelessCom2.exe: PE32 executable (console) Intel 80386, for MS Windows % pesec WirelessCom2.exe ASLR: no DEP/NX: no SEH: yes Stack cookies (EXPERIMENTAL): yes % Both ASLR and DEP/NX should be enabled in a properly compiled Windows binary. The mingw compiler in Debian recently changed its default settings to enable these (see <URL: https://bugs.debian.org/836365 >), and now I believe we should add a lintian check to track down all packages in need of a rebuild. I'll try to find time to write such lintian check myself, and create this bug report to make others aware of the idea and to reduce the chance of duplicate efforts if others are considering the same. -- Happy hacking Petter Reinholdtsen
