Orion Poplawski writes:
> This may help:
>
> https://fedoraproject.org/wiki/Changes/Harden_All_Packages
Maybe...
> I've done this for EL6:
>
> # _hardened_build not working for EL6, at least define
> __global_ldflags for now
> %{!?__global_ldflags: %global __global_ldflags -Wl,-z,relro -Wl,-z,n
On 04/20/2016 08:12 AM, Dave Love wrote:
I have a package to submit that has an suid binary. The packaging
guidelines say in that case you must
%global _hardened_build 1
and it turns on PIE/PIC. However, it doesn't do so on el6, at least.
Should flags be added by hand and, if so, exactly whic
No most likely the suid file should be fine with SELInux. Only a
confined user would
be prevented from using it.
On 04/20/2016 07:12 AM, Dave Love wrote:
I have a package to submit that has an suid binary. The packaging
guidelines say in that case you must
%global _hardened_build 1
and it t
I have a package to submit that has an suid binary. The packaging
guidelines say in that case you must
%global _hardened_build 1
and it turns on PIE/PIC. However, it doesn't do so on el6, at least.
Should flags be added by hand and, if so, exactly which?
Also, does an suid binary require somet
