[PATCH] add a configure option for using RELRO by default
Wed Nov 11 05:10:00 GMT 2015
On 10/11/15 11:48 PM, Mike Frysinger wrote:
> On 11 Nov 2015 03:01, Romain Geissler wrote:
>> For us the goal is obviously to activate it by default, like many we have
>> been using relro binaries for years now without any issue (x64). I know
>> SuSe that we use is shipping by default binutils having a similar patch.
>> However I'll wait the advice of the binutils gurus to decide this change.
> i don't remember if i mentioned this before, but we've been doing it in Gentoo
> as well for all arches/targets since at least 2.18 / 2008. i don't recall any
> grievous bugs due to it, but it's been a long time ...
There's a similar patch in Fedora. I want this enabled in Arch Linux
(which already uses RELRO, strong SSP, _FORTIFY_SOURCE=2, etc. via
CFLAGS/LDFLAGS), but it has a policy against applying patches not
accepted by upstream (i.e. backports are fine). There's a cost to having
stuff like this out-of-tree. If the major distributions want this and
patch their toolchain to have it, that's a strong sign that it should
really be upstream (as should SSP by default in GCC).
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 819 bytes
Desc: OpenPGP digital signature
More information about the Binutils