Compiler security flags while compiling postgres

Поиск
Список
Период
Сортировка
От Ramesh Gowrishankar
Тема Compiler security flags while compiling postgres
Дата
Msg-id CY1PR19MB01705F2A41C49F8642B1E2E7C4C40@CY1PR19MB0170.namprd19.prod.outlook.com
обсуждение исходный текст
Список pgsql-novice
Дерево обсуждения

Hello,


I wanted to get the perspective of the community on the need to compile with security flags that protect against buffer overflow. It does not appear that the installer for Windows was compiled with these options and I was wondering why.


I am thinking of a compiler flag like /GS (which is now enabled by default in the Microsoft compiler) https://msdn.microsoft.com/en-us/library/8dbf701c.aspx

msdn.microsoft.com
Detects some buffer overruns that overwrite a function's return address, exception handler address, or certain types of parameters. Causing a buffer overrun is a ...
The postgres binaries are getting flagged in security scans as not being compiled with the recommended secure compiler flags and I am wondering if we need to go through the trouble of recompiling postgres just to add the security related compiler flags.

Thanks

Ramesh

В списке pgsql-novice по дате отправления:

Предыдущее
От: Chris Spencer
Дата:
Сообщение: Re: How to enable partial matching on a GIN index
Следующее
От: Caesar Olima
Дата:
Сообщение: Enquiry about setting Up PostgreSQL 8.4 PIRT