Re: Additional hardening options

Robert Berger


This[1] is what I usually add as well to the security flags.

With respect to the "default" flags I had some fun with the SDK and -D_FORTIFY_SOURCE=2 and -fstack-protector-strong.

I guess they do have some performance impact as well, but I did not do very thorough research.

Also, I did not confirm it yet but suspect that some of those flags might be the reason for "debuginfod gdb: *** stack smashing detected ***: terminated".[2]





Join { to automatically receive all group messages.