diff options
| author | Yves-Alexis Perez <corsac@corsac.net> | 2012-06-28 22:14:35 +0200 |
|---|---|---|
| committer | Yves-Alexis Perez <corsac@corsac.net> | 2012-06-28 22:14:35 +0200 |
| commit | d6e503c1ea60e1836315169e14dee2a82879e78d (patch) | |
| tree | d45cc8a37c3cbbf79f3f48ba9c175df792fbf554 | |
| parent | 211f04ef0e1a69f9ba21d52ed1d8e0b87bc68494 (diff) | |
| download | vyos-strongswan-d6e503c1ea60e1836315169e14dee2a82879e78d.tar.gz vyos-strongswan-d6e503c1ea60e1836315169e14dee2a82879e78d.zip | |
Hardening support
* debian/rules:
- enable hardening flags with PIE and bindnow.
| -rw-r--r-- | debian/changelog | 2 | ||||
| -rwxr-xr-x | debian/rules | 4 |
2 files changed, 4 insertions, 2 deletions
diff --git a/debian/changelog b/debian/changelog index 57bc1c18a..c89de61da 100644 --- a/debian/changelog +++ b/debian/changelog @@ -16,6 +16,8 @@ strongswan (4.6.4-0.1) UNRELEASED; urgency=low - update debhelper build-dep to 9 and add dpkg-dev 1.16.2 build-dep for hardening support. * debian/compat bumped to 9. + * debian/rules: + - enable hardening flags with PIE and bindnow. -- Yves-Alexis Perez <corsac@debian.org> Thu, 28 Jun 2012 21:17:38 +0200 diff --git a/debian/rules b/debian/rules index 72e28e0f8..b8dfb16f6 100755 --- a/debian/rules +++ b/debian/rules @@ -7,8 +7,8 @@ export DH_OPTIONS -# this is a security-critical package, set all the options we can -export DEB_BUILD_HARDENING=1 +#export DEB_LDFLAGS_MAINT_APPEND=-Wl,--as-needed -Wl,-O1 -Wl,-z,defs +export DEB_BUILD_MAINT_OPTIONS=hardening=+pie,+bindnow CONFIGUREARGS := --prefix=/usr --sysconfdir=/etc --localstatedir=/var \ --libexecdir=/usr/lib \ |