Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 27 Sep 2013 12:20:12 +0400
From: Michael Tokarev <mjt@....msk.ru>
To: owl-dev@...ts.openwall.com
Subject: Re: passwdqc relro

26.09.2013 22:37, Solar Designer wrote:
> Vasily, Dmitry -
>
> Can one of you reply to this Debian bug, please? -
>
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=724278
>
> Looks like the package maintainer finds this difficult to fix.  In
> Owl-current, we're doing it system-wide, and IIRC it's the same for
> Ubuntu - but apparently not for Debian?  Should we really make the
> change in upstream passwdqc, or help Debian folks do it in their
> package?  In fact, if relro is part of their policy, why don't they do
> it system-wide rather than per package?

It is not like maintainer finds it difficult to fix, he is not 100%
sure about this.  That's like "rumors are".

Debian is using common build-flags system-wide, but each package has
to actually pass these flags to downstream build system one way or
another (since each build system is different).  That's what this
bug is about -- this package too (I mean the debian part of it)
needs to pass proper (system-wide-defined) build flags downstream.

I don't remember offhand why these options aren't turned on in Debian
in gcc itself -- probably because they're not enabled in upstream gcc
too.  But this is a different story entirely, not related to the
bugreport at hand.

For now I just hope that Jackson (the maintainer of passqwdc in debian)
will figure it all out himself.  There should be no issues at all with
enabling these flags, no patch or help is required.

Thanks,

/mjt

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ