| 1 |
On 09/09/2018 14:32, Andrew Savchenko wrote: |
| 2 |
> My point is that in *most* cases -Werror indeed should be removed, |
| 3 |
> because upstream rarely can keep up with all possible configure, |
| 4 |
> *FLAGS, compiler versions and arch combinations. But! In some cases |
| 5 |
> — especially for security oriented software — this flag may be |
| 6 |
> pertain and may be kept at maintainer's discretion. |
| 7 |
> |
| 8 |
> The rationale is that -Werror usually points to dangerous |
| 9 |
> situations like uninitialized variables, pointer type mismatch or |
| 10 |
> implicit function declaration (and much more) which may lead to |
| 11 |
> serious security implications. |
| 12 |
|
| 13 |
Not sure if user feedback is welcome or not, but consider: |
| 14 |
|
| 15 |
A piece of security oriented software gets an update (v2) that closes a |
| 16 |
security hole in v1. User tries to update to v2, but the emerge fails |
| 17 |
because of -Werror. User stays on v1 and thus remains vulnerable. |
| 18 |
|
| 19 |
-Werror achieved the exact opposite of what the intent was. |
Archives