| 1 |
onsdag 17 januari 2018 kl. 13:27:25 CET skrev Tóth Attila: |
| 2 |
> I've just came accross a Fedora 28 memo about hardening their flags: |
| 3 |
> https://fedoraproject.org/wiki/Changes/HardeningFlags28 |
| 4 |
> 1. -fstack-clash-protection |
| 5 |
> 2. -fcf-protection=full |
| 6 |
> 3. -mcet |
| 7 |
> 4. for C++: -D_GLIBCXX_ASSERTIONS |
| 8 |
> |
| 9 |
> According to the builtin specs these are not in current use for |
| 10 |
> sys-devel/gcc-7.2. |
| 11 |
> |
| 12 |
> It may worth to consider moving the same direction as Fedora. Wouldn't it |
| 13 |
> be a shame if a regular non-rolling distro would make use of harder flags |
| 14 |
> compared to Gentoo Hardened? |
| 15 |
> |
| 16 |
> BR: Dw. |
| 17 |
Most of the options is for Gcc 8 or newer. |
| 18 |
Still waiting what get add for the Spectre stuff. |
Archives