https://bugzilla.redhat.com/show_bug.cgi?id=1128378
Björn "besser82" Esser <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #5 from Björn "besser82" Esser <[email protected]> --- (In reply to Ralf Corsepius from comment #4) > 2. Passing LDFLAGS is not required. > => Remove LDFLAGS+="%{?__global_ldflags}" Ralf are you serious?!? Why are those LDFLAGS setup by %configure or %cmake macros then, if they are not needed?!? Passing those LDFLAGS is important to have at least partial RELRO applied onto the linked binaries: $ rpm --eval %__global_ldflags -Wl,-z,relro ---> results in partial relro binaries and when applying hardening flags: $ rpm -D'_hardened_build 1' --eval %__global_ldflags -Wl,-z,relro -specs=/usr/lib/rpm/redhat/redhat-hardened-ld ---> will result in in PIE / PIC and fully relro binaries. So please explain why LDFLAGS are not required and should be removed!?! -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component _______________________________________________ package-review mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/package-review
