[arch-dev-public] Proposal: enabling full ASLR on x86_64 via hardening-wrapper

Daniel Micay danielmicay at gmail.com
Sun Dec 21 20:53:55 UTC 2014


One more thing to note about this is that we'd need to do a rebuild of
the remaining 186 packages with static libraries. In many cases, those
libraries will probably just vanish thanks to the !staticlibs default.

Static libraries aren't currently built as position independent unless
they're meant to be usable in dynamic libraries.

I think the only case where setting HARDENING_PIE=0 would be necessary
is to deal with proprietary static libraries that are non-PIC/PIE but
AFAIK there are none in the repositories anyway.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-dev-public/attachments/20141221/256a5283/attachment.bin>


More information about the arch-dev-public mailing list