Matthew Seaman wrote:
Kris Kennaway wrote:Bonus points if you come up with a patch to do this: in most cases it will be a simple matter of changing the port's do-install: target to use INSTALL_* macros instead of cp/bsdtar etc. This would be a good project to get some familiarity with the ports tree.Would it be worthwhile to add a test and warning that all installed binaries have not been stripped to the 'security-check' target in bsd.port.mk? That's not really what that target was intended for (feeping creaturism alert!) butit's the obvious place to put such a test.Probably cleaner to create a whole new target, but that's going to duplicatesome code.Hmmmm... I shall work up some patches, probably over the weekend, so there'ssomething substantive to talk about.
Done: ports/129210 For the record, I also discovered that, contrary to what I said earlier, there is apparently one class of binary object that will not work correctly if stripped: kernel loadable modules. As others have commented, most shlibs installed from ports aren't stripped. The same applies to almost any sort of pluggable module (perl, PHP etc.) that I have been able to investigate. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW
signature.asc
Description: OpenPGP digital signature