--- wikisrc/pkgsrc/hardening.mdwn	2017/11/07 02:14:50	1.29
+++ wikisrc/pkgsrc/hardening.mdwn	2017/11/07 02:18:46	1.30
@@ -43,6 +43,12 @@ check will fail and the program forcibly
 the meantime. This can happen in case of buffer overflows or memory corruption,
 and therefore exposing these bugs.
 
+Different mitigation levels are available:
+* the default ("yes"), which will only protect functions considered vulnerable
+  by the compiler;
+* "all", which will protect every function;
+* "strong", which will apply a better balance between the two settings above.
+
 This mitigation is supported by both GCC and clang. It may be supported in
 additional compilers, possibly under a different name. It is particularly useful
 for unsafe programming languages, such as C/C++.