DEB_BUILD_CFLAGS and DEB_BUILD_LDFLAGS for packaging
Kees Cook
kees at ubuntu.com
Wed Apr 18 18:15:42 BST 2007
Hi,
I'd really like to get some momentum started on getting a set of default
compiler toolchain options available. In the past, adding
-fstack-protection wasn't done in a way everyone was happy with, and
introducing DEB_BUILD_CFLAGS and DEB_BUILD_LDFLAGS was discussed as one
way to make things easier to handle in the future. (I played briefly
with trying to develop a wrapper for gcc, but this did not turn out
well.)
I'm especially interested in having a place to put distro-wide
compile-time defaults so things like -relro and -pie can be more easily
experimented with. Unfortunately I am neither a toolchain nor packaging
expert, so I'll need help chasing this task. I'd especially like help
to define the specific set of steps needs to successfully get it
implemented. I'm hoping to get pitti and doko involved in this bit. :)
Are other people interested in this? Does this seem like something we
should make time for at UDS? If so, should I make a Blueprint for it?
Thanks,
-Kees
--
Kees Cook
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : https://lists.ubuntu.com/archives/ubuntu-devel/attachments/20070418/eddcdfb8/attachment.pgp
More information about the ubuntu-devel
mailing list