[ubuntu-hardened] Build of flashplugin-nonfree in Ubuntu 12.04 LTS Release.
Chris Coulson
chrisccoulson at ubuntu.com
Thu Dec 31 16:07:32 UTC 2015
On 31/12/15 13:29, daniel curtis wrote:
>
> Hi.
>
> I have only one question regarding to the flashplugin-nonfree package.
> According to a build log[1], there is not any CFLAGS,
> CPPFLAGS, CXXFLAGS etc., exported from a dpkg-buildflags,
> right? I mean, for example, `-fstack-protector`, `-Wl,z,relro`
> or `-D_FORTIFY_SOURCE, to name a few.
>
> I'm asking, because mentioned dpkg-buildflag exports, could
> reduce the possible areas that can be used by an attacker, to
> perform a successful attack etc. Is the flashplugin-nonfree
> package built with a hardened flags? What a naive question...
>
> Maybe I'm wrong and the flashplugin-nonfree package is already
> protected with at least one of the mentioned method. So, what is
> an answer? Or maybe I misunderstood something? (e.g. build
> process etc.)
>
> Best regards.
> _____________
> [1]
> https://launchpadlibrarian.net/232146187/buildlog_ubuntu-precise-i386.flashplugin-nonfree_11.2.202.559ubuntu0.12.04.1_BUILDING.txt.gz
>
>
>
Hi,
flashplugin-nonfree doesn't actually build anything. It just creates a
package that provides a script which downloads the plugin from the
partner archive.
Regards
- Chris
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-hardened/attachments/20151231/55e7c1d3/attachment.html>
More information about the ubuntu-hardened
mailing list