[hardening-discuss] deprecating hardening-wrapper/includes
Pierre Chifflier
pollux at debian.org
Sun Jun 2 17:12:55 UTC 2013
On Sun, Jun 02, 2013 at 05:34:25PM +0200, Thijs Kinkhorst wrote:
> Hi all,
>
> Now that wheezy is out the door I think we may want to revisit the status
> of hardening-wrapper/hardening-includes. While the package itself
> certainly can still be useful, people probably should not be adding it to
> their build depends anymore and use dpkg's solution instead. I've updated
> this question on the wiki to advise against it:
> http://wiki.debian.org/HardeningWalkthrough#My_package_already_uses_hardening-wrapper_or_hardening-includes._Should_I_switch_to_dpkg-buildflags.3F
>
> Many packages still depend on hardening-wrapper or -includes and I don't
> think there's an immediate need to be pushing real hard. So I propose to
> at this point just add it to Lintian to warn if it's in a package's build
> depends. Agreed?
>
>
Hi,
Since the recommended method is to use dpkg-buildflags, adding a
lintian warning is good.
Thanks,
Pierre
More information about the hardening-discuss
mailing list