From b5ab0d073647c4ad61dfe9552c1849a0f230bced Mon Sep 17 00:00:00 2001 From: Keegan McAllister Date: Sun, 25 Mar 2012 06:43:22 -0400 Subject: [PATCH] Document the binary hardening measures --- README.md | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 21f1732..776cf3f 100644 --- a/README.md +++ b/README.md @@ -110,10 +110,21 @@ Advice to distributors A note on compiler flags: Mosh is security-sensitive code. When making automated builds for a binary package, we recommend passing the option -`--enable-compile-warnings=error` to ./configure. On GNU/Linux with +`--enable-compile-warnings=error` to `./configure`. On GNU/Linux with `g++` or `clang++`, the package should compile cleanly with `-Werror`. Please report a bug if it doesn't. +Where available, Mosh builds with a variety of binary hardening flags +such as `-fstack-protector-all`, `-D_FORTIFY_SOURCE=2`, etc. These +provide proactive security against the possibility of a memory +corruption bug in Mosh or one of the libraries it uses. For a full +list of flags, search for `HARDEN` in `configure.ac`. The `configure` +script detects which flags are supported by your compiler, and enables +them automatically. To disable this detection, pass +`--disable-hardening` to `./configure`. Please report a bug if you +have trouble with the default settings; we would like as many users as +possible to be running a configuration as secure as possible. + Mosh ships with a default optimization setting of `-O2`. Some distributors have asked about changing this to `-Os` (which causes a compiler to prefer space optimizations to time optimizations). We have
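Review bot: the new "Where available, Mosh builds with a variety of binary hardening flags" paragraph tells a packager how to turn detection off (`--disable-hardening`) but not how to confirm which flags a given build ended up with. Because it says `configure` "detects which flags are supported by your compiler, and enables them automatically", a build on an older toolchain could end up with fewer flags than the reader expects, and the only pointer given is to search for `HARDEN` in `configure.ac`, which lists what is attempted rather than what was applied. Consider adding one sentence saying where the detected set can be seen, and whether an unsupported flag is skipped or fails the build, since the stated aim is "as many users as possible ... running a configuration as secure as possible". Two wording points in the same paragraph: "such as `-fstack-protector-all`, `-D_FORTIFY_SOURCE=2`, etc." doubles up "such as" and "etc.", so drop the "etc."; and "proactive security against the possibility of a memory corruption bug" reads as if the flags prevent the bug, where something like "make a memory corruption bug in Mosh or one of the libraries it uses harder to exploit" would be more accurate. The `./configure` backtick fix in the first paragraph looks fine.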