On Fri, Feb 21, 2020 at 6:03 AM Ola Bini <[email protected]> wrote: > > Hi, > > I have recently packaged a Golang application without any real > problems. However, after finishing the packaging, when running lintian > on the package, I get "hardening-no-pie" as a warning. Is there any > way to fix this for Golang applications? (I'm using dh-make-golang to > create the initial definition, and then "gbd buildpackage > --git-pbuilder" to actually build it)
I think that's because we don't turn on pie mode when building Go programs. And I don't think it's worth to address this problem in individual package. We should address this in dh-golang. I think we just don't know or haven't tried the pie mode when building. I know Archlinux has a package could go-pie[1] which turns pie mode the default[2]. But I don't know others. [1] https://www.archlinux.org/packages/community/x86_64/go-pie/ [2] https://git.archlinux.org/svntogit/community.git/tree/trunk/default-buildmode-pie.patch?h=packages/go -- Shengjing Zhu
