Bug #6497
closed
Cfengine binaries should be compiled with Full RELRO and PIE flags
Added by Olivier Mauras over 9 years ago.
Updated about 9 years ago.
Description
Full RELRO and PIE are the most basic protections that should be always enabled
- Target version changed from 3.0.4 to 3.0.5
Mathhieu, I think I'm not even knowing what the request is about1. Could you qualify a little the need ?
[1] just kidding, but still, I really prefer that someone else look at that :)
- Target version changed from 3.0.5 to 3.0.6
The idea here is to add security options like https://wiki.ubuntu.com/Security/Features#relro and Position Independent Executable to the binaries we compile, especially CFEngine.
That is a good idea, we should quickly test if it is OK to add on all the architectures we support.
- Target version changed from 3.0.6 to 3.0.7
- Target version changed from 3.0.7 to 3.0.8
- Target version changed from 3.0.8 to 3.0.9
- Target version changed from 3.0.9 to 3.0.10
- Target version changed from 3.0.10 to 3.0.11
- Target version changed from 3.0.11 to 3.0.12
- Status changed from New to Rejected
Rejected as a dupe of #7257
- Is duplicate of Bug #7257: Rudder agent doesn't build with hardening flags added
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by Matthieu CERDA