Am 05.02.2015 um 15:58 schrieb Christian Rößner:
So at the moment I stay at my opinion that Postfix is running very stable wie PIE ans SSP. If I am wrong, please contact me offlist. Then I would have to do a lot of work to correct this problem. Hopefully not. ;-)
postfix is running fine with PIE and -fstack-protector-all for years here as any other software, in the meantime -fstack-protector-strong reached GCC in several distribution for a good compromise of -fstack-protector not beeing enough these days and -fstack-protector-all has too much performance impact for too less gain
Full RELRO Canary found NX enabled PIE enabled No RPATH No RUNPATH /usr/libexec/postfix/smtpd Full RELRO Canary found NX enabled PIE enabled No RPATH No RUNPATH /usr/libexec/postfix/postscreen
the thread is more about still support PIE in combination of "shared" and upcoming Postfix 3.x
