diff options
Diffstat (limited to 'changes/compileTimeHardening')
| -rw-r--r-- | changes/compileTimeHardening | 12 |
1 files changed, 0 insertions, 12 deletions
diff --git a/changes/compileTimeHardening b/changes/compileTimeHardening deleted file mode 100644 index 9e90dd2147..0000000000 --- a/changes/compileTimeHardening +++ /dev/null @@ -1,12 +0,0 @@ -Add two new configure flags: - --enable-gcc-hardening - This turns on gcc compile time hardening options. It ensures that - signed ints have defined behavior (-fwrapv), -D_FORTIFY_SOURCE=2 is - enabled (requiring -O2), stack smashing protection with canaries - (-fstack-protector-all), ASLR protection if supported by the kernel - (-fPIE, -pie). Additional security related warnings are enabled. - Verified as working on Mac OS X and Debian Lenny. - - --enable-linker-hardening - This turns on ELF specific hardening features (relro, now). This does - not work with Mac OS X or any other non-ELF binary format. |