DebianSecurity: Difference between revisions
From DcSharedWiki
(s/References/Ubuntu/) |
m (3 revisions imported) |
(No difference)
|
Latest revision as of 05:20, 22 April 2019
Some features enabled in Ubuntu and not in Debian:
- gcc's -fstack-protector
- http://wiki.debian.org/Hardening#DEB_BUILD_HARDENING_STACKPROTECTOR_.28gcc.2BAC8-g.2B-.2B-_-fstack-protector_--param_ssp-buffer-size.3D4.29
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469517 -fstack-protector produces segfaulting binaries on arm/armel
- PIE
- build with "-D_FORTIFY_SOURCE=2"
- RELRO
- AppArmor profiles
Work in progress:
- http://wiki.debian.org/ReleaseGoals/SecurityHardeningBuildFlags
- http://lists.debian.org/debian-devel/2011/09/msg00242.html
Ubuntu: