|
version 1.14, 2017/07/09 15:35:02
|
version 1.15, 2017/07/09 15:37:21
|
|
Line 8 in `mk.conf`, and consist of:
|
Line 8 in `mk.conf`, and consist of:
|
| Executables) when supported on the current platform. This option is necessary |
Executables) when supported on the current platform. This option is necessary |
| to fully leverage ASLR as a mitigation for security vulnerabilities. |
to fully leverage ASLR as a mitigation for security vulnerabilities. |
| * `PKGSRC_USE_FORTIFY`: allows substitute wrappers to be used for commonly used |
* `PKGSRC_USE_FORTIFY`: allows substitute wrappers to be used for commonly used |
| functions that do not bounds checking regularly - but could in some cases. |
functions that do not bounds checking regularly - but could in some cases (now |
| |
enabled by default) |
| * `PKGSRC_USE_RELRO`: this also makes the exploitation of some security |
* `PKGSRC_USE_RELRO`: this also makes the exploitation of some security |
| vulnerabilities more difficult in some cases. |
vulnerabilities more difficult in some cases. |
| * `PKGSRC_USE_SSP`: enables stack-smashing protection (again, on supported |
* `PKGSRC_USE_SSP`: enables stack-smashing protection on supported platforms |
| platforms) |
(now enabled by default) |
| * `PKGSRC_USE_STACK_CHECK`: uses `-fstack-check` with GCC for another stack |
* `PKGSRC_USE_STACK_CHECK`: uses `-fstack-check` with GCC for another stack |
| protection mitigation |
protection mitigation |
| |
|
![[BACK]](/icons/back.gif){kind=icon}
Return to hardening.mdwn CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [NetBSD Developer Wiki] / wikisrc / pkgsrc