--- wikisrc/pkgsrc/hardening.mdwn	2017/11/12 15:12:49	1.37
+++ wikisrc/pkgsrc/hardening.mdwn	2017/11/12 15:15:48	1.38
@@ -79,6 +79,18 @@ program, instead of the stack and heap o
 PIE executables will only be built for toolchains that are known to support PIE.
 Currently, this means NetBSD on amd64 and i386.
 
+### PKGSRC_MKREPRO
+
+With this option, pkgsrc will try to build packages reproducibly. This allows
+packages built from the same tree and with the same options, to produce
+identical results bit by bit. This option should be combined with ASLR and
+`PKGSRC_MKPIE` to avoid predictable address offsets for attackers attempting to
+exploit security vulnerabilities.
+
+More details can be found here:
+
+* <https://reproducible-builds.org/>
+
 ### PKGSRC_USE_RELRO
 
 This also makes the exploitation of some security vulnerabilities more