|
Bugzilla – Full Text Bug Listing |
| Summary: | scotty: setuid binaries need to be position independent | ||
|---|---|---|---|
| Product: | [openSUSE] openSUSE 12.2 | Reporter: | Ludwig Nussel <lnussel> |
| Component: | Other | Assignee: | Reinhard Max <max> |
| Status: | RESOLVED FIXED | QA Contact: | E-mail List <qa-bugs> |
| Severity: | Normal | ||
| Priority: | P3 - Medium | CC: | security-team |
| Version: | Factory | ||
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Found By: | --- | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
| Bug Depends on: | |||
| Bug Blocks: | 744091 | ||
| Attachments: | Patch that adds PIE flags for ntping | ||
|
Description
Ludwig Nussel
2012-01-24 15:51:09 UTC
Just being curious: why do SUID binaries have to be position independ? Hmm, I added -fPIE -fpie to the compilation call (also tried -fPIE only) and -fpie to linking call of gcc, and verified in the build log that the're really being used, but rpmlint still gives me the warning. What now? do you have your modified version some where so I can take a look (obs branch maybe)? Created attachment 472845 [details]
Patch that adds PIE flags for ntping
Here's the patch I use to add the flags to the ntping.o and ntping targets in unix/Makefile.in . I didn't put it into CFLAGS and LDFLAGS, because I don't want to compile the rest of scotty with these flags as Werner told me it dramatically increases process startup time.
you don't need both -fpie and -fPIE, the latter is sufficient the flag for the linker is -pie (no 'f') added PIE flags |