Post ARECrPgalYcFU4xlOC by hexorg@techhub.social
 (DIR) More posts by hexorg@techhub.social
 (DIR) Post #ARDcc7mNSobjFo4zHE by nixCraft@mastodon.social
       2023-01-02T02:24:02Z
       
       0 likes, 0 repeats
       
       Recommended compiler and linker flags for GCC for security purpose from Red Hat and Fedora Linux https://developers.redhat.com/blog/2018/03/21/compiler-and-linker-flags-gcc These should work on other Linux distro too including Unix-like system when you use the GCC.  #infosec #security #linux #sysadmin
       
 (DIR) Post #ARDcc8NFFk6969KQk4 by GNUxeava@mk.absturztau.be
       2023-01-02T02:33:24.825Z
       
       0 likes, 0 repeats
       
       @nixCraft@mastodon.social i wouldn't say -g is for security purpose. Good for development.Also, how will -O2 improve security?
       
 (DIR) Post #ARECrPgalYcFU4xlOC by hexorg@techhub.social
       2023-01-02T05:43:50Z
       
       0 likes, 0 repeats
       
       @nixCraft last time I heard debugging information in production binaries should be removed because some malware uses it to calculate addresses it needs. Do you know why it’s not the case in this recommendation?
       
 (DIR) Post #ARECrQA10A9SxKjGFc by Mac_CZ@mastodon.macsnet.cz
       2023-01-02T09:19:32Z
       
       0 likes, 0 repeats
       
       @hexorg @nixCraft You can strip it afterwards and still then use it for your advantage when some dump appears.