dave b wrote:
> On 21 November 2010 02:45, Jonathan Nieder <jrnie...@gmail.com> wrote:
>> Also, I am not the GCC maintainer, but from experience of receiving
>> reports from people building software with Ubuntu, I think changing
>> the defaults in GCC is quite wrong.
>
> Why do you think this?

Well, I should scale that back a little and say, an easy way for
individual users to turn on hardening build flags in GCC is very
welcome. My comment is really about the default.

The main problem I had in mind is that with -D_FORTIFY_SOURCE=2, if
you are not specifically coding with that in mind, there are spurious
warnings like this:

	some-file.c:70: warning: ignoring return value of ‘write’, declared with attribute warn_unused_result

Sometimes that may be a welcome warning, but often enough one knows
very well that errors are being ignored. And

	(void) whatever_function(...

does not suppress this; you instead have to uglify your code like so:

	int unused = whatever_function(...

The consequences are worst when a person or project makes the
misguided choice of using -Werror on code he is not developing. Then
with a GCC update, the code starts to fail to build from source, for
confusing reasons like the above, without much of an upside to the
non-developer to offset that.

That said, the burden of handling fallout like this seems perfectly
acceptable for a project like Debian to take on. It is not such a
cost for secure code. That is why I would be happy to see hardening
flags added for the build of Debian packages, though not for the
default invocation of gcc.

Hoping that is clearer.
Jonathan
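An added example, not part of the original message: one alternative to the dummy-variable workaround for the `write` warning quoted above is to consume the result in a small helper, so the call site builds cleanly with -D_FORTIFY_SOURCE=2 and -Werror. `write_all` and `log_best_effort` are hypothetical names, and a POSIX system is assumed.

```c
/* Added example. Suggested build: gcc -O2 -D_FORTIFY_SOURCE=2 -Wall example.c */
#include <errno.h>
#include <stddef.h>
#include <string.h>
#include <unistd.h>

/* Write the whole buffer, retrying on EINTR and on short writes.
 * Returns 0 on success, -1 on error with errno left as set by write(). */
int write_all(int fd, const void *buf, size_t len)
{
    const char *p = buf;

    while (len > 0) {
        ssize_t n = write(fd, p, len);
        if (n < 0) {
            if (errno == EINTR)
                continue;       /* interrupted before any byte was written */
            return -1;
        }
        p += n;
        len -= (size_t)n;
    }
    return 0;
}

/* Best-effort diagnostics: the caller does not care whether the text
 * arrives. The result is still consumed by the `if`, so no dummy
 * variable is needed to keep the build warning-free. */
void log_best_effort(int fd, const char *msg)
{
    if (write_all(fd, msg, strlen(msg)) != 0) {
        /* deliberately ignored: diagnostics only */
    }
}

int main(void)
{
    static const char msg[] = "constructed sample line\n";

    log_best_effort(STDERR_FILENO, "starting\n");
    return write_all(STDOUT_FILENO, msg, sizeof msg - 1) == 0 ? 0 : 1;
}
```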