[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Enabling compiler warning flags

From: Mike Frysinger
Subject: Re: Enabling compiler warning flags
Date: Tue, 18 Dec 2012 01:44:48 -0500
User-agent: KMail/1.13.7 (Linux/3.7.1; KDE/4.6.5; x86_64; ; )

On Tuesday 18 December 2012 01:10:14 Jeffrey Walton wrote:
> If you are going to try the waters with warnings, you should also
> consider the flags to integrate with platform security.
> Platform security integration includes fortified sources and stack
> protectors. Here are the flags of interest:
>   * -fstack-protector-all
>   * -z,noexecstack
>   * -z,noexecheap (or other measure, such as W^X)
>   * -z,relro
>   * -z,now
>   * -fPIE and -pie for executables

if you do choose to add these to your configure script, you should provide a 
flag to control the behavior (default enabling is OK).  some of these are not 
cheap, especially for some architectures.

Attachment: signature.asc
Description: This is a digitally signed message part.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]