[systemd-devel] [PATCH] build: Honour SUID_CFLAGS and SUID_LDFLAGS

Reindl Harald h.reindl at thelounge.net
Sat May 17 13:12:18 PDT 2014



Am 17.05.2014 22:02, schrieb Cristian Rodríguez:
> El 17/05/14 14:56, Dave Reisner escribió:
>> On Sat, May 17, 2014 at 12:39:47PM -0400, Cristian Rodríguez
>> wrote:
>>> This is the standard* way used to pass special linker/compiler 
>>> flags such as -fPIE and -pie
>>>
>>> * "Standard" in the sense it is understood by many other packages
>>> and commonly used by distributions.
>>
>> This doesn't really make sense to me. I infer from the names of
>> the variables that these are flags passed to the compiler for
>> binaries which will eventually be setuid root.
> 
> That was the initial purpose of this variable, yes. Currently is just
> to provide a separate variable for hardened builds.
> 
> Note that I did not came up with this idea, It is just the way things
> are done elsewhere, where elsewhere is util-linux, policykit, various
> gnome components,enlightment,samba etc..

IMHO these days *anything* should be build as PIE
the performance impact on x86_64 is low to zero

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 246 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freedesktop.org/archives/systemd-devel/attachments/20140517/fdcda3dd/attachment.sig>


More information about the systemd-devel mailing list