Document hardening flags in the coding standards

bug-standards

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Document hardening flags in the coding standards

From:	Florian Weimer
Subject:	Document hardening flags in the coding standards
Date:	Wed, 04 Jul 2012 10:28:16 +0200
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:13.0) Gecko/20120605 Thunderbird/13.0

Hi,

would it make sense to document the C/C++ hardening compiler flags inthe coding standards, and recommend that they are always switched on ifpossible? This includes -D_FORTIFY_SOURCE=1, -fstack-protector, andpossibly -fPIE, -pie and the options affecting dynamic linking.


We also need to add _FORTIFY_SOURCE documentation to the libc manual.

Regards,
Florian
--
Florian Weimer / Red Hat Product Security Team

[Prev in Thread]

Current Thread

[Next in Thread]

Document hardening flags in the coding standards, Florian Weimer <=
- Re: Document hardening flags in the coding standards, Karl Berry, 2012/07/04
  - Re: Document hardening flags in the coding standards, Florian Weimer, 2012/07/05
    - Re: Document hardening flags in the coding standards, Karl Berry, 2012/07/05
    - Re: Document hardening flags in the coding standards, Florian Weimer, 2012/07/06
    - Re: Document hardening flags in the coding standards, Karl Berry, 2012/07/06
    - Re: Document hardening flags in the coding standards, Florian Weimer, 2012/07/09

Next by Date: Re: Document hardening flags in the coding standards
Next by thread: Re: Document hardening flags in the coding standards
Index(es):
- Date
- Thread