diff options
author | Keegan McAllister <mcallister.keegan@gmail.com> | 2012-03-25 06:43:22 -0400 |
---|---|---|
committer | Keith Winstein <keithw@mit.edu> | 2012-04-13 12:27:25 -0400 |
commit | b5ab0d073647c4ad61dfe9552c1849a0f230bced (patch) | |
tree | b9cb14a5d18c13e5503f9401018a3a26b13ede2a /README.md | |
parent | 349e2d20c8177434260ef04a726f215f5466a4d2 (diff) |
Document the binary hardening measures
Diffstat (limited to 'README.md')
-rw-r--r-- | README.md | 13 |
1 files changed, 12 insertions, 1 deletions
@@ -110,10 +110,21 @@ Advice to distributors A note on compiler flags: Mosh is security-sensitive code. When making automated builds for a binary package, we recommend passing the option -`--enable-compile-warnings=error` to ./configure. On GNU/Linux with +`--enable-compile-warnings=error` to `./configure`. On GNU/Linux with `g++` or `clang++`, the package should compile cleanly with `-Werror`. Please report a bug if it doesn't. +Where available, Mosh builds with a variety of binary hardening flags +such as `-fstack-protector-all`, `-D_FORTIFY_SOURCE=2`, etc. These +provide proactive security against the possibility of a memory +corruption bug in Mosh or one of the libraries it uses. For a full +list of flags, search for `HARDEN` in `configure.ac`. The `configure` +script detects which flags are supported by your compiler, and enables +them automatically. To disable this detection, pass +`--disable-hardening` to `./configure`. Please report a bug if you +have trouble with the default settings; we would like as many users as +possible to be running a configuration as secure as possible. + Mosh ships with a default optimization setting of `-O2`. Some distributors have asked about changing this to `-Os` (which causes a compiler to prefer space optimizations to time optimizations). We have |