Hi All, 2016-05-28 23:16 GMT+02:00 Bálint Réczey <bal...@balintreczey.hu>: > Hi, > > 2016-05-18 2:21 GMT+02:00 Guillem Jover <guil...@debian.org>: >> On Tue, 2016-05-17 at 12:08:09 +0200, Matthias Klose wrote: >>> I'm not a fan myself for turning on hardening flags in the compiler itself, >>> but if you do that, then dpkg issues like https://bugs.debian.org/823869 >>> need to be addressed (whether all obscure build systems picking these up, or >>> not). >> >> That bug report is not relevant in its current form, as explained >> there. >> >> If the default changes in the Debian default compiler, then I'll just >> make the +pie option a no-op and change -pie to set -fno-PIE, so that >> the options are only added when they are expected. >> >> The difference with that request is that it would currently add >> -fno-PIE for most packages that do not change the default flags, >> which might break their build-systems. > > Thank you Guilllem. > > Matthias, are you OK with the resolution of #823869 and would you be > OK with using --enable-default-pie for GCC if dpkg adopts the solution > described above?
For the record I have opened #835146, #835148 and #835149 against dpkg and gcc-6 with a set of proposed patches [2] which seem to work well. [2] https://people.debian.org/~rbalint/ppa/pie-bindnow/
