FS#48257 - [nginx] is not being properly hardened
Attached to Project:
Arch Linux
Opened by Scott Rosenberg (Moscato) - Friday, 19 February 2016, 22:30 GMT
Last edited by Bartłomiej Piotrowski (Barthalion) - Thursday, 05 May 2016, 12:59 GMT
Opened by Scott Rosenberg (Moscato) - Friday, 19 February 2016, 22:30 GMT
Last edited by Bartłomiej Piotrowski (Barthalion) - Thursday, 05 May 2016, 12:59 GMT
|
Details
Description:
Nginx is not being properly hardened at compile time. Additional info: 1.8.1 Steps to reproduce: Use hardening-check from aur hardening-check nginx nginx: Position Independent Executable: no, normal executable! Stack protected: yes Fortify Source functions: no, only unprotected functions found! Read-only relocations: no, not found! Immediate binding: no, not found! |
This task depends upon
Closed by Bartłomiej Piotrowski (Barthalion)
Thursday, 05 May 2016, 12:59 GMT
Reason for closing: Fixed
Additional comments about closing: Fixed in trunk.
Thursday, 05 May 2016, 12:59 GMT
Reason for closing: Fixed
Additional comments about closing: Fixed in trunk.
These are not being applied
CFLAGS=PIE
CPPFLAGS=PIE
CXXFLAGS=PIE
LDFLAGS=relro,now