diff options
author | Guillem Jover <guillem@debian.org> | 2017-09-05 03:27:31 +0200 |
---|---|---|
committer | Guillem Jover <guillem@debian.org> | 2017-09-07 11:36:22 +0200 |
commit | e6171e188e7c1fc7cfc9f159fe55abba7a1d128a (patch) | |
tree | 76400412a12cbc9f1f9f14a0a39be746bfabd145 /man | |
parent | 05bbea38469409fd718e44cb550fabd2f1b073f5 (diff) | |
download | dpkg-e6171e188e7c1fc7cfc9f159fe55abba7a1d128a.tar.gz |
man: Clarify that sanitize options should not be used for production builds
Ref: http://www.openwall.com/lists/oss-security/2016/02/17/9
Diffstat (limited to 'man')
-rw-r--r-- | man/dpkg-buildflags.man | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/man/dpkg-buildflags.man b/man/dpkg-buildflags.man index 60f67a5ce..3b5d5ba85 100644 --- a/man/dpkg-buildflags.man +++ b/man/dpkg-buildflags.man @@ -242,6 +242,9 @@ to \fB\-D__DEB_CANARY_\fP\fIflag\fP_\fIrandom-id\fP\fB__\fP, and Several compile-time options (detailed below) can be used to help sanitize a resulting binary against memory corruptions, memory leaks, use after free, threading data races and undefined behavior bugs. +\fBNote\fP: these options should \fBnot\fP be used for production builds +as they can reduce reliability for conformant code, reduce security or +even functionality. .TP .B address This setting (disabled by default) adds \fB\-fsanitize=address\fP to |