Ricardo Wurmus transcribed 486 bytes: > > ng0 <n...@n0.is> writes: > > >> > The flags I use (suggested by Debian Wiki[0]) are: > >> > > >> > CPPFLAGS=-D_FORTIFY_SOURCE=2 > >> > >> How does this differ from "-O2 -D_FORTIFY_SOURCE" in CFLAGS? > >> I know O2 is optimization and that FORTIFY_SOURCE requires optimization > >> to be specified. > > > > Okay, I've read some related commits and bug tickets, I understand > > the difference now. > > Please share. Otherwise this comment isn’t really helpful for this > discussion.
Well there's the Debian wiki: https://wiki.debian.org/Hardening and https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=643632 as well as the gcc Manual about it. Debian uses -D_FORTIFY_SOURCE -O1. My use of -O2 -D_FORTIFY_SOURCE in CFLAGS was not correct. > > -- > Ricardo > > > -- A88C8ADD129828D7EAC02E52E22F9BBFEE348588 https://n0.is