Galène videoconferencing server discussion list archives
 help / color / mirror / Atom feed
* [Galene] -buildmode=pie
@ 2021-03-03  0:11 Michael Ströder
  2021-03-03  0:56 ` [Galene] -buildmode=pie Dave Taht
  2021-03-03  1:36 ` Juliusz Chroboczek
  0 siblings, 2 replies; 3+ messages in thread
From: Michael Ströder @ 2021-03-03  0:11 UTC (permalink / raw)
  To: galene

HI!

The galene.spec for openSUSE/SLE contains -buildmode=pie which IIRC I
copied from another .spec file.

But seems not supported on linux/ppc64.
I'm inclined to simply drop it.

What's your opinion on that? Does -buildmode=pie have any significant
advantages which are worth defining an arch-specific conditional?

Ciao, Michael.

^ permalink raw reply	[flat|nested] 3+ messages in thread

* [Galene] Re: -buildmode=pie
  2021-03-03  0:11 [Galene] -buildmode=pie Michael Ströder
@ 2021-03-03  0:56 ` Dave Taht
  2021-03-03  1:36 ` Juliusz Chroboczek
  1 sibling, 0 replies; 3+ messages in thread
From: Dave Taht @ 2021-03-03  0:56 UTC (permalink / raw)
  To: Michael Ströder; +Cc: galene

pie makes for a less attackable executable.

On Tue, Mar 2, 2021 at 4:11 PM Michael Ströder <michael@stroeder.com> wrote:
>
> HI!
>
> The galene.spec for openSUSE/SLE contains -buildmode=pie which IIRC I
> copied from another .spec file.
>
> But seems not supported on linux/ppc64.
> I'm inclined to simply drop it.
>
> What's your opinion on that? Does -buildmode=pie have any significant
> advantages which are worth defining an arch-specific conditional?
>
> Ciao, Michael.
> _______________________________________________
> Galene mailing list -- galene@lists.galene.org
> To unsubscribe send an email to galene-leave@lists.galene.org



-- 
"For a successful technology, reality must take precedence over public
relations, for Mother Nature cannot be fooled" - Richard Feynman

dave@taht.net <Dave Täht> CTO, TekLibre, LLC Tel: 1-831-435-0729

^ permalink raw reply	[flat|nested] 3+ messages in thread

* [Galene] Re: -buildmode=pie
  2021-03-03  0:11 [Galene] -buildmode=pie Michael Ströder
  2021-03-03  0:56 ` [Galene] -buildmode=pie Dave Taht
@ 2021-03-03  1:36 ` Juliusz Chroboczek
  1 sibling, 0 replies; 3+ messages in thread
From: Juliusz Chroboczek @ 2021-03-03  1:36 UTC (permalink / raw)
  To: Michael Ströder; +Cc: galene

> What's your opinion on that? Does -buildmode=pie have any significant
> advantages which are worth defining an arch-specific conditional?

For C programs, it might very slightly improve security by making it more
difficult to guess stack addresses in case of a buffer overflow.

However, Galène is pure Go code and doesn't use any unsafe features, so
I don't think it buys us much.  I think you can safely drop it.

-- Juliusz

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2021-03-03  1:36 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-03-03  0:11 [Galene] -buildmode=pie Michael Ströder
2021-03-03  0:56 ` [Galene] -buildmode=pie Dave Taht
2021-03-03  1:36 ` Juliusz Chroboczek

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox