[ubuntu-hardened] Build of flashplugin-nonfree in Ubuntu 12.04 LTS Release.
daniel curtis
sidetripping at gmail.com
Thu Dec 31 13:29:18 UTC 2015
Hi.
I have only one question regarding to the flashplugin-nonfree package.
According to a build log[1], there is not any CFLAGS,
CPPFLAGS, CXXFLAGS etc., exported from a dpkg-buildflags,
right? I mean, for example, `-fstack-protector`, `-Wl,z,relro`
or `-D_FORTIFY_SOURCE, to name a few.
I'm asking, because mentioned dpkg-buildflag exports, could
reduce the possible areas that can be used by an attacker, to
perform a successful attack etc. Is the flashplugin-nonfree
package built with a hardened flags? What a naive question...
Maybe I'm wrong and the flashplugin-nonfree package is already
protected with at least one of the mentioned method. So, what is
an answer? Or maybe I misunderstood something? (e.g. build
process etc.)
Best regards.
_____________
[1]
https://launchpadlibrarian.net/232146187/buildlog_ubuntu-precise-i386.flashplugin-nonfree_11.2.202.559ubuntu0.12.04.1_BUILDING.txt.gz
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-hardened/attachments/20151231/1024894e/attachment.html>
More information about the ubuntu-hardened
mailing list