On 12/05/2017 03:26 PM, Corbin wrote: > > In "packages" that throw out the "CFLAGS / CXXFLAGS" values in the > end-users "make.conf" and substitute their own ... how will that be handled? >
The GCC ebuilds all use toolchain.eclass which is incomprehensible to me, but it looks like the default behavior for gcc-6.x is to pass "--enable-default-pie" and "--enable-default-ssp" to the build process of GCC itself. That changes the default behavior of GCC to (as the names say) enable PIE and SSP by default. Consequently, if a package ignores your CFLAGS, the PIE/SSP should still take effect, because GCC does them by default. Only a package that adds its own -no-pie flag (for example) would cause problems.
