| 1 |
Hi Michael, |
| 2 |
|
| 3 |
On Sun, Jun 11, 2017, at 16:39 CDT, Michael Brinkman <thygreatswaggedone@×××××.com> wrote: |
| 4 |
|
| 5 |
> So I was just wondering if ~arch is ready for more secure defaults on |
| 6 |
> the 17.0 profiles in the linker flags. There are several |
| 7 |
> distributions which ship RELRO by default and I am not aware of any |
| 8 |
> performance issues regarding this. |
| 9 |
|
| 10 |
We (i.e. toolchain) are in the process of enabling quite a number of |
| 11 |
security hardening features on default profiles. In particular |
| 12 |
|
| 13 |
- (force) +pie +ssp for gcc-6 onwards in 17.0 profiles |
| 14 |
|
| 15 |
- enable additional hardening features for glibc-2.25 and newer |
| 16 |
(will be merged soon). |
| 17 |
|
| 18 |
But, yes. Updated linker flags are a very good point. I have put updated |
| 19 |
linker flags on the toolchain meeting agenda for next week. |
| 20 |
|
| 21 |
|
| 22 |
The hardened profiles (even used without a hardened kernel) will serve |
| 23 |
an important difference in the future. While we try to enable as many |
| 24 |
security features on default profiles as possible, we have to compromise |
| 25 |
between security features and not introducing regressions. The hardened |
| 26 |
profiles will thus have more aggressive security features enabled for |
| 27 |
the foreseeable future (at the cost of more potential breakage). |
| 28 |
|
| 29 |
Best, |
| 30 |
Matthias |
Archives