Looking at the CFLAGS and CXXFLAGS which get used by various packages, and external references, I note that fedora prefer to harden almost everything by using -DFORTIFY_SOURCE=2 [ NB - do NOT pass that to glibc, one small part of glibc already uses it, the other parts will be broken if it is forced ].
Looking, a few packages in LFS already use this (in particular, now that we've found that perl thought gcc-8 and later was earlier than gcc-4, and did not support it, perl and the modules it *compiles* use that), and a few in BLFS (e.g. openssh, cairo, rxvt-unicode, libsndfile But then I noticed that firefox and qtwebengine pass two fortify flags: -UFORTIFY_SOURCE -DFORTIFY_SOURCE=2 My initial reading tells me that -UFORTIFY_SOURCE turns it *off*. Can anyone confirm what the pair are supposed to do ? I'm guessing: · turn OFF any existing define, in case it is less than 2 · and then force it to 2 TIA ĸen -- Before the universe began, there was a sound. It went: "One, two, ONE, two, three, four" [...] The cataclysmic power chord that followed was the creation of time and space and matter and it does Not Fade Away. - wiki.lspace.org/mediawiki/Music_With_Rocks_In -- http://lists.linuxfromscratch.org/listinfo/blfs-support FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
