DebianSecurity: Difference between revisions
From DcSharedWiki
(add some links) |
(s/References/Ubuntu/) |
||
| Line 17: | Line 17: | ||
* http://lists.debian.org/debian-devel/2011/09/msg00242.html |
* http://lists.debian.org/debian-devel/2011/09/msg00242.html |
||
Ubuntu: |
|||
References: |
|||
* https://wiki.ubuntu.com/Security/Features |
* https://wiki.ubuntu.com/Security/Features |
||
Revision as of 02:02, 16 September 2011
Some features enabled in Ubuntu and not in Debian:
- gcc's -fstack-protector
- http://wiki.debian.org/Hardening#DEB_BUILD_HARDENING_STACKPROTECTOR_.28gcc.2BAC8-g.2B-.2B-_-fstack-protector_--param_ssp-buffer-size.3D4.29
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469517 -fstack-protector produces segfaulting binaries on arm/armel
- PIE
- build with "-D_FORTIFY_SOURCE=2"
- RELRO
- AppArmor profiles
Work in progress:
- http://wiki.debian.org/ReleaseGoals/SecurityHardeningBuildFlags
- http://lists.debian.org/debian-devel/2011/09/msg00242.html
Ubuntu:
