| 1 |
On Mon, May 8, 2017 at 19:11:28 CEST, R0b0t1: |
| 2 |
> [...] |
| 3 |
> It might not matter for anyone on this list, but it seems like GCC 6 |
| 4 |
> doesn't support hardening properly. I'm kind of disappointed that they |
| 5 |
> seem to want to skip it but I can understand the amount of work they |
| 6 |
> might be avoiding. |
| 7 |
|
| 8 |
Could you please specify what kind of hardening isn’t supported? On |
| 9 |
#gentoo-hardened on Freenode IRC I got the information that gcc includes |
| 10 |
now patches that had to be patched by Gentoo in earlier versions. Therefore |
| 11 |
-no{pie,ssp,ssppie}-subprofiles don’t exist anymore. |
| 12 |
|
| 13 |
checksec’s[1] output didn’t change neither to something less hardened. |
| 14 |
|
| 15 |
[1] =app-admin/checksec-1.7.5::gentoo |
| 16 |
|
| 17 |
|
| 18 |
Greetings, |
| 19 |
Nils |
| 20 |
|
| 21 |
PS: Testing gcc-7.1.0 on ~amd64/hardened right now. |
| 22 |
|
| 23 |
-- |
| 24 |
GPG fingerprint: '00EF D31F 1B60 D5DB ADB8 31C1 C0EC E696 0E54 475B' |
| 25 |
Nils Freydank |
Archives