| From: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Peter Eisentraut <peter_e(at)gmx(dot)net>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: _FORTIFY_SOURCE by default? |
| Date: | 2012-09-16 14:36:13 |
| Message-ID: | 5055E3DD.3060207@dunslane.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 09/16/2012 12:41 AM, Tom Lane wrote:
> Peter Eisentraut <peter_e(at)gmx(dot)net> writes:
>> _FORTIFY_SOURCE=2 appears to be the default for package building on many
>> Linux distributions now, as part of harding or security options. But we
>> often hear about problems related to this only when we hand the source
>> over to the packagers. So I think we might as well add this to our
>> standard compilation options, for example in src/include/port/linux.h.
>> What do you think?
> Doesn't seem like a good idea to me to add platform-specific options
> with unspecified effects to platform-independent upstream sources.
>
> To the extent that this option finds anything useful (which in my
> experience is a negligibly small percentage anyway), it's the
> responsibility of the packagers (including me) to report it.
>
>
Might be worth having a buildfarm animal or two building with it, say by
setting CFLAGS before configure?
cheers
andrew
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2012-09-16 15:26:02 | Re: _FORTIFY_SOURCE by default? |
| Previous Message | Andres Freund | 2012-09-16 14:23:14 | Re: embedded list v2 |