dc4ad6b750
- Revisit (and rename) support for FORTIFY as PKGSRC_USE_FORTIFY (instead of PKGSRC_USE_FORT) for easier support outside NetBSD/gcc; - PKGSRC_USE_SSP is no longer enabled by default when PKGSRC_USE_FORTIFY is enabled; - PKGSRC_MKPIE builds executables as PIE (to leverage userland ASLR) - PKGSRC_USE_RELRO builds with a read-only GOT to prevent some exploits from functioning. Tested on NetBSD/amd64 by myself, in every combination, with and without pkgtools/cwrappers. MKPIE is not supported at the moment with cwrappers. Also, MKPIE is known to still break a number of packages when enabled (and actually supported). Tested on SunOS by jperkin@, thank you! As discussed on tech-pkg@, the default behavior is not changed, except where noted above. ok bsiegert@ |
||
|---|---|---|
| .. | ||
| mk.conf | ||
| obsolete.mk | ||
| options.description | ||