Package: nfs-common Version: 1:1.2.8-7 Severity: wishlist
Hi, according to the checksec.sh script, binaries provided by nfs-utils are not compiled with all available hardening features: RELRO STACK CANARY NX PIE RPATH RUNPATH FILE No RELRO No canary found NX enabled No PIE No RPATH No RUNPATH /sbin/rpc.statd Partial RELRO No canary found NX enabled No PIE No RPATH No RUNPATH /usr/sbin/rpc.gssd No RELRO No canary found NX enabled No PIE No RPATH No RUNPATH /usr/sbin/rpc.idmapd Partial RELRO No canary found NX enabled No PIE No RPATH No RUNPATH /usr/sbin/rpc.svcgssd Since those daemons are potentially exposed to untrusted network traffic, could you please compile the package with more hardening features ? -- Laurent. -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]
