| 1 |
On Friday 17 March 2006 00:02, Mikey wrote: |
| 2 |
> When I look in /etc/env.d/05gcc, nothing is set for GCC_SPECS: |
| 3 |
|
| 4 |
that's because hardened profiles have the default specs swapped from the |
| 5 |
default specs in a non-hardened profile ... |
| 6 |
|
| 7 |
hardened profile specs: default vanilla |
| 8 |
non-hardened profile specs: hardened default |
| 9 |
|
| 10 |
basically, while building gcc, we do something like: |
| 11 |
if use hardened ; then |
| 12 |
cp hardened.specs specs |
| 13 |
else |
| 14 |
cp vanilla.specs specs |
| 15 |
fi |
| 16 |
where "specs" represents the default compiler settings |
| 17 |
|
| 18 |
so the `gcc-config -l` output on a hardened system lists "vanilla" as an |
| 19 |
option while on a non-hardened system you get the option "hardened" |
| 20 |
|
| 21 |
> So I guess my question is - how do I know everything is actually being |
| 22 |
> compiled with the hardened specific flags? A diff |
| 23 |
> on /usr/lib/gcc/i686-pc-linux-gnu/3.4.5/specs and hardened.specs shows no |
| 24 |
> differences, is it safe to assume the default specs file is being used even |
| 25 |
> though it is not being set anywhere in the environment? |
| 26 |
|
| 27 |
see above as to why your diff showed no differences |
| 28 |
-mike |
| 29 |
-- |
| 30 |
gentoo-hardened@g.o mailing list |
Archives