|
From: | Daniele Buono |
Subject: | Re: [PATCH 3/4] configure: add flag to enable SafeStack |
Date: | Wed, 27 May 2020 09:48:56 -0400 |
User-agent: | Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.8.0 |
Hi Stefan, a quick clarification on configure: right now, in configure, there's * "Advanced Options (experts only)" which usually don't have both enable and disable for each option, and * "Optional features, enabled with --enable-FEATURE and disabled with --disable-FEATURE, default is enabled if available:" How do you think SafeStack should be classified? * If we do it as Advanced option, we should probably force it disabled unless --enable-safe-stack is provided. In this case --disable-safe-stack is not really necessary. * If we do it as optional feature, I have two ways to handle the default: 1. enable/disable based on the compilation flags given to configure 2. enable every time the provided compiler supports it On 5/27/2020 7:12 AM, Stefan Hajnoczi wrote:
On Fri, May 22, 2020 at 11:24:46AM -0400, Daniele Buono wrote:I would feel more confident by adding another check in configure to make sure that the user didn't enable SafeStack manually through other means, like manually setting the option through extra_cflags. What do you think?Sure, a compile_prog call could check if SafeStack is enable when it shouldn't be. This can be done together with a --disable option. Stefan
[Prev in Thread] | Current Thread | [Next in Thread] |