Config.in: enable FORTIFY_SOURCE, PIC/PIE, RELRO, SSP by default
Enhance security by enabling FORTIFY_SOURCE, PIC/PIE, RELRO and SSP by default. For SSP, SSP-all can have a significant impact on performance, so we do not want to enable that unconditionally; instead we use SSP-strong if available (since gcc-4.9), and resort to SSP-regular otherwise. People who really, like really-really want to use SSP-all will still have to enable it explicitly. For FORTIFY, level 2 may change the behaviour of some glibc functions, so may crash conforming programs, so may have adverse effects. As such, we choose level 1 as the default, as it does not change the behaviour of any function. This could help making IoT more secure and fight against the assumption that buildroot does not support binary hardening (see https://cyber-itl.org/2019/08/26/iot-data-writeup.html ) Signed-off-by:Fabrice Fontaine <fontaine.fabrice@gmail.com> [yann.morin.1998@free.fr: - relax SSP to strong when available, regular otherwise - extend commit log to explain why SSP-all is not used - extend commit log to explain why FORTIFY level 2 is not used ] Signed-off-by:
Yann E. MORIN <yann.morin.1998@free.fr>
Loading
Please register or sign in to comment