[MDEV-5730] enhance security using special compilation options - Jira

Details

Type: Task
Status: Closed (View Workflow)
Priority: Major
Resolution: Fixed
Fix Version/s: 10.1.0
Component/s: None
Labels:
None

Description

gcc/ld have different options that can make resulting binaries more secure against buffer/stack overflow exploits. RedHat uses most of them for distribution binaries. We need to analyze these options, understand the benefits and drawbacks, and possibly use them too in our builds.
The (incomplete) list is

-pie

-Wp,-D_FORTIFY_SOURCE=2

-fstack-protector --param=ssp-buffer-size=4

-Wl,-z,relro,-z,now

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

graph.ro.pdf
60 kB
2014-06-25 18:59
graph.rw.pdf
62 kB
2014-06-25 18:59

Issue Links

relates to

MDEV-6479 stack traces in 10.1

Closed

links to

an article about RELRO

Review of the patch

Activity

Transition	Time In Source Status	Execution Times

Sergei Golubchik made transition - 2014-05-03 12:04

Open

In Progress

66d 21h 46m

Axel Schwenke made transition - 2014-06-24 13:31

Stalled

In Progress

42d 9h 7m

Axel Schwenke made transition - 2014-06-25 18:59

In Progress

Stalled

10d 21h 48m

Sergei Golubchik made transition - 2014-06-26 13:48

Stalled

Closed

18h 48m

People

Assignee:: Sergei Golubchik

Reporter:: Sergei Golubchik

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 2014-02-25 14:18

Updated:: 2014-07-23 14:37

Resolved:: 2014-06-26 13:48

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.

MariaDB Server

Details

Description

Attachments

Attachments

Issue Links

Activity

People

Dates

Git Integration