mk: Bump default hardening options.
This commit is contained in:
nia
parent
7fad5b5799
commit
eb67d5a403
1 changed files with 4 additions and 4 deletions
|
|
@ -1,4 +1,4 @@
|
|||
# $NetBSD: mk.conf,v 1.318 2021/05/30 23:41:05 khorben Exp $
|
||||
# $NetBSD: mk.conf,v 1.319 2021/09/27 14:31:55 nia Exp $
|
||||
#
|
||||
|
||||
# This file provides default values for variables that may be overridden
|
||||
|
|
@ -234,7 +234,7 @@ PKGSRC_RUN_TEST?= no
|
|||
# Possible: yes, no
|
||||
# Default: no
|
||||
|
||||
PKGSRC_MKPIE?= no
|
||||
PKGSRC_MKPIE?= yes
|
||||
# If no, create regular executables. Otherwise create PIE (Position Independent
|
||||
# Executables, on supported platforms). This option is necessary to fully
|
||||
# leverage ASLR as a mitigation for security vulnerabilities.
|
||||
|
|
@ -271,7 +271,7 @@ PKGSRC_USE_FORTIFY?= strong
|
|||
#
|
||||
# Keywords: fortify FORTIFY_SOURCE
|
||||
|
||||
PKGSRC_USE_RELRO?= no
|
||||
PKGSRC_USE_RELRO?= full
|
||||
# Link with RELRO by default (on supported platforms). This makes the
|
||||
# exploitation of some security vulnerabilities more difficult in some cases.
|
||||
# Possible values:
|
||||
|
|
@ -281,7 +281,7 @@ PKGSRC_USE_RELRO?= no
|
|||
#
|
||||
# Keywords: relro
|
||||
|
||||
PKGSRC_USE_SSP?= yes
|
||||
PKGSRC_USE_SSP?= strong
|
||||
# Configure this to enable stack smashing protection (on supported platforms).
|
||||
# Possible values:
|
||||
# no: Do not pass any stack protection flags
|
||||
|
|
|
|||
Loading…
Reference in a new issue