Allow compiling with -fPIE -pie
Ralf Haferkamp
rhafer at suse.de
Thu Oct 28 09:08:56 EDT 2010
Hi,
please consider including the attached a patch against the current git
master branch that allows for build cyrus with -fPIE on system that
support it.
This will result in "Position Independent Executables" which provide
addtional security by allowing the resulting executable to be loaded
to a random address. Making certain security attacks harder to perform.
For some more details on PIE see here:
http://www.linuxfromscratch.org/~manuel/hlfs-book/glibc-2.4/chapter02/pie.html
or here:
http://en.wikipedia.org/wiki/Position-independent_code#Position-independent_executables
We are using this patch (adopted for 2.3.X) sucessfully since quite some
time in our packages. I also updated the enhancement request bugzilla:
http://bugzilla.cyrusimap.org/bugzilla3/show_bug.cgi?id=2691
regards,
Ralf
--
SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-build-with-fPIE-if-supported.dif
Type: application/mbox
Size: 5139 bytes
Desc: not available
Url : http://lists.andrew.cmu.edu/pipermail/cyrus-devel/attachments/20101028/1a4f4f74/attachment.bin
More information about the Cyrus-devel
mailing list