* [Galene] -buildmode=pie
@ 2021-03-03 0:11 Michael Ströder
2021-03-03 0:56 ` [Galene] -buildmode=pie Dave Taht
2021-03-03 1:36 ` Juliusz Chroboczek
0 siblings, 2 replies; 3+ messages in thread
From: Michael Ströder @ 2021-03-03 0:11 UTC (permalink / raw)
To: galene
HI!
The galene.spec for openSUSE/SLE contains -buildmode=pie which IIRC I
copied from another .spec file.
But seems not supported on linux/ppc64.
I'm inclined to simply drop it.
What's your opinion on that? Does -buildmode=pie have any significant
advantages which are worth defining an arch-specific conditional?
Ciao, Michael.
^ permalink raw reply [flat|nested] 3+ messages in thread
* [Galene] Re: -buildmode=pie
2021-03-03 0:11 [Galene] -buildmode=pie Michael Ströder
@ 2021-03-03 0:56 ` Dave Taht
2021-03-03 1:36 ` Juliusz Chroboczek
1 sibling, 0 replies; 3+ messages in thread
From: Dave Taht @ 2021-03-03 0:56 UTC (permalink / raw)
To: Michael Ströder; +Cc: galene
pie makes for a less attackable executable.
On Tue, Mar 2, 2021 at 4:11 PM Michael Ströder <michael@stroeder.com> wrote:
>
> HI!
>
> The galene.spec for openSUSE/SLE contains -buildmode=pie which IIRC I
> copied from another .spec file.
>
> But seems not supported on linux/ppc64.
> I'm inclined to simply drop it.
>
> What's your opinion on that? Does -buildmode=pie have any significant
> advantages which are worth defining an arch-specific conditional?
>
> Ciao, Michael.
> _______________________________________________
> Galene mailing list -- galene@lists.galene.org
> To unsubscribe send an email to galene-leave@lists.galene.org
--
"For a successful technology, reality must take precedence over public
relations, for Mother Nature cannot be fooled" - Richard Feynman
dave@taht.net <Dave Täht> CTO, TekLibre, LLC Tel: 1-831-435-0729
^ permalink raw reply [flat|nested] 3+ messages in thread
* [Galene] Re: -buildmode=pie
2021-03-03 0:11 [Galene] -buildmode=pie Michael Ströder
2021-03-03 0:56 ` [Galene] -buildmode=pie Dave Taht
@ 2021-03-03 1:36 ` Juliusz Chroboczek
1 sibling, 0 replies; 3+ messages in thread
From: Juliusz Chroboczek @ 2021-03-03 1:36 UTC (permalink / raw)
To: Michael Ströder; +Cc: galene
> What's your opinion on that? Does -buildmode=pie have any significant
> advantages which are worth defining an arch-specific conditional?
For C programs, it might very slightly improve security by making it more
difficult to guess stack addresses in case of a buffer overflow.
However, Galène is pure Go code and doesn't use any unsafe features, so
I don't think it buys us much. I think you can safely drop it.
-- Juliusz
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2021-03-03 1:36 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-03-03 0:11 [Galene] -buildmode=pie Michael Ströder
2021-03-03 0:56 ` [Galene] -buildmode=pie Dave Taht
2021-03-03 1:36 ` Juliusz Chroboczek
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox