diff options
| author | Charles Strahan <charles@cstrahan.com> | 2018-03-06 19:21:10 -0500 |
|---|---|---|
| committer | Charles Strahan <charles@cstrahan.com> | 2018-03-06 19:21:10 -0500 |
| commit | 806edaa0a20db3358836d55d203500b87dbe8624 (patch) | |
| tree | 2b1ad60c859a4dc9af4e3c7bf711e59fbcba7849 /pkgs/build-support/bintools-wrapper/setup-hook.sh | |
| parent | 634c748050391b6f7c908d4716be026f839dceaf (diff) | |
| download | nixlib-806edaa0a20db3358836d55d203500b87dbe8624.tar nixlib-806edaa0a20db3358836d55d203500b87dbe8624.tar.gz nixlib-806edaa0a20db3358836d55d203500b87dbe8624.tar.bz2 nixlib-806edaa0a20db3358836d55d203500b87dbe8624.tar.lz nixlib-806edaa0a20db3358836d55d203500b87dbe8624.tar.xz nixlib-806edaa0a20db3358836d55d203500b87dbe8624.tar.zst nixlib-806edaa0a20db3358836d55d203500b87dbe8624.zip | |
hardening: ld wrapper changes, setup-hook, etc
Diffstat (limited to 'pkgs/build-support/bintools-wrapper/setup-hook.sh')
| -rw-r--r-- | pkgs/build-support/bintools-wrapper/setup-hook.sh | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/pkgs/build-support/bintools-wrapper/setup-hook.sh b/pkgs/build-support/bintools-wrapper/setup-hook.sh index 48a00b0b9b07..831ee9b03872 100644 --- a/pkgs/build-support/bintools-wrapper/setup-hook.sh +++ b/pkgs/build-support/bintools-wrapper/setup-hook.sh @@ -83,6 +83,10 @@ do fi done +# If unset, assume the default hardening flags. +: ${NIX_HARDENING_ENABLE="fortify stackprotector pic strictoverflow format relro bindnow"} +export NIX_HARDENING_ENABLE + # No local scope in sourced file unset -v role_pre role_post cmd upper_case set +u |