Bug #6497
closed
Cfengine binaries should be compiled with Full RELRO and PIE flags
Added by Olivier Mauras over 10 years ago.
Updated almost 10 years ago.
Description
Full RELRO and PIE are the most basic protections that should be always enabled
- Target version changed from 3.0.4 to 3.0.5
Mathhieu, I think I'm not even knowing what the request is about1. Could you qualify a little the need ?
[1] just kidding, but still, I really prefer that someone else look at that :)
- Target version changed from 3.0.5 to 3.0.6
The idea here is to add security options like https://wiki.ubuntu.com/Security/Features#relro and Position Independent Executable to the binaries we compile, especially CFEngine.
That is a good idea, we should quickly test if it is OK to add on all the architectures we support.
- Target version changed from 3.0.6 to 3.0.7
- Target version changed from 3.0.7 to 3.0.8
- Target version changed from 3.0.8 to 3.0.9
- Target version changed from 3.0.9 to 3.0.10
- Target version changed from 3.0.10 to 3.0.11
- Target version changed from 3.0.11 to 3.0.12
- Status changed from New to Rejected
Rejected as a dupe of #7257
- Is duplicate of Bug #7257: Rudder agent doesn't build with hardening flags added
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by Matthieu CERDA