Commit Graph

37 Commits

Author SHA1 Message Date
bdrewery
b619f0c747 Revert r267233 for now. PIE support needs to be reworked.
1. 50+% of NO_PIE use is fixed by adding -fPIC to INTERNALLIB and other
   build-only utility libraries.
2. Another 40% is fixed by generating _pic.a variants of various libraries.
3. Some of the NO_PIE use is a bit absurd as it is disabling PIE (and ASLR)
   where it never would work anyhow, such as csu or loader. This suggests
   there may be better ways of adding support to the tree. Many of these
   cases can be fixed such that -fPIE will work but there is really no
   reason to have it in those cases.
4. Some of the uses are working around hacks done to some Makefiles that are
   really building libraries but have been using bsd.prog.mk because the code
   is cleaner. Had they been using bsd.lib.mk then NO_PIE would not have
   been needed.

We likely do want to enable PIE by default (opt-out) for non-tree consumers
(such as ports). For in-tree though we probably want to only enable PIE
(opt-in) for common attack targets such as remote service daemons and setuid
utilities. This is also a great performance compromise since ASLR is expected
to reduce performance. As such it does not make sense to enable it in all
utilities such as ls(1) that have little benefit to having it enabled.

Reported by:	kib
2014-08-19 15:04:32 +00:00
bdrewery
989e2c6000 In preparation for ASLR [1] support add WITH_PIE to support building with -fPIE.
This is currently an opt-in build flag. Once ASLR support is ready and stable
it should changed to opt-out and be enabled by default along with ASLR.

Each application Makefile uses opt-out to ensure that ASLR will be enabled by
default in new directories when the system is compiled with PIE/ASLR. [2]

Mark known build failures as NO_PIE for now.

The only known runtime failure was rtld.

[1] http://www.bsdcan.org/2014/schedule/events/452.en.html
Submitted by:		Shawn Webb <lattera@gmail.com>
Discussed between:	des@ and Shawn Webb [2]
2014-06-08 17:29:31 +00:00
uqs
764da0e641 Bump WARNS where possible.
Checked by:	make universe
Approved by:	ed (co-mentor)
2010-02-15 14:07:40 +00:00
des
2bb8de20fe Remove kludges intended to support src trees with partial obj trees.
Discussed with:	ru
2005-06-10 06:12:53 +00:00
ru
c1a820195c NOSHARED -> NO_SHARED 2004-12-21 09:59:45 +00:00
obrien
706437b97d Remove WFORMAT, style.Makefile(5). 2004-03-22 03:17:36 +00:00
johan
c1045205c1 style.Makefile:
Use WARNS?= instead of WARNS=
2004-02-23 20:05:14 +00:00
gshapiro
e95dd66c1f Remove MAINTAINER= lines from individual Makefiles in favor of the
MAINTAINER file (which already had entries for sendmail).
2003-07-07 03:54:04 +00:00
gshapiro
730b12a9a9 Update build infrastructure for sendmail 8.12. 2002-02-17 22:05:07 +00:00
kris
a1a10418c8 Correct inadvertent style botches in previous commit. 2002-02-04 03:06:51 +00:00
kris
bb3058824a Lock down with WFORMAT=1 except those directories with unfixed warnings.
Tested on i386 and alpha.
2002-02-04 02:49:19 +00:00
obrien
099f8ecbe9 Default to WARNS=2. Binary builds that cannot handle this must explicitly
set WARNS=0.

Reviewed by:	mike
2001-12-04 01:57:47 +00:00
ru
011f71f63c MAN[1-9] -> MAN. 2001-03-27 10:03:10 +00:00
gshapiro
90b1557dac Add a MAINTAINER= line so people know who to blame 2000-10-26 23:02:36 +00:00
gshapiro
e0b2de2c8f Style fixes 2000-10-11 05:04:21 +00:00
gshapiro
1f7ac54fbd Give users a way to alter the sendmail (and related utilities) build
environment so they can enable functionality such as SASL, LDAP, Hesiod.
2000-09-17 00:41:33 +00:00
gshapiro
002ef51d6e The rest of the changes needed to support the new version of sendmail (8.11.0).
Beyond changes to the build system, this includes fixing up the sample
freebsd.mc configuration for changes in defaults and syntax, removing
outdated documentation, and updating the release notes.
2000-08-12 22:39:25 +00:00
peter
66312e4a8d $Id$ -> $FreeBSD$ 1999-08-27 23:15:48 +00:00
peter
c1efa92d21 Use sendmail-8.9.1 rmail (with our changes). 1998-08-04 15:19:16 +00:00
charnier
47f1e7cea8 Correct use of .Nm. Add section number to .Xr references. 1998-05-18 06:39:17 +00:00
eivind
1bd0014062 Revert 1.15 - duplicate code (initialization).
Pointed-out-by:	bde
1997-12-15 20:34:52 +00:00
eivind
6e6ac9a033 Make this lint more cleanly
Obtained from: OpenBSD file rev 1.4 by mickey
1997-12-12 18:24:17 +00:00
steve
e753f957ea Observe precedence set by Philippe Charnier when adding an
rcsid.
1997-08-07 22:33:01 +00:00
steve
f465f4c450 #include <err.h> for err(3) call and replace extern reference to errno
with #include <errno.h>.
1997-08-07 15:41:51 +00:00
charnier
46627309b6 Remove lines inside #ifdef 0/#endif. 1997-06-30 11:10:18 +00:00
charnier
958b099adb Err(3) was locally defined (for portability reasons). Use #ifdef 0/#endif
to hide this so libc is kept instead.
1997-06-06 06:46:27 +00:00
imp
054f35c222 compare return value from getopt against -1 rather than EOF, per the final
posix standard on the topic.
1997-03-28 15:24:41 +00:00
peter
83b3c2c161 Revert $FreeBSD$ to $Id$ 1997-02-22 14:13:04 +00:00
jkh
808a36ef65 Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
steve
1c6d77453c Cleanup man page and -Wall cleaning. 1996-12-14 06:14:32 +00:00
pst
1c6e5f9967 If mail is received with no from address, invoke sendmail with
/usr/sbin/sendmail -f <> dest
rather than
	/usr/sbin/sendmail -f dest.

Submitted by:  Michael Butler <imb@scgt.oz.au>
Obtained from: Eric Allman <eric@cs.berkeley.edu>
1995-09-16 18:52:51 +00:00
rgrimes
1888033949 Remove trailing whitespace.
Reviewed by:	phk
1995-05-30 00:07:29 +00:00
joerg
c6030c6511 You will find enclosed some changes to make gcc -Wall more happy in
/usr/src/bin. Note that some patches are still needed in that directory.

I (Joerg) finished most of Philippe's cleanup.  /bin/sh will still
need *allot* of work, however.

Submitted by:	charnier@lirmm.fr (Philippe Charnier)
1995-03-19 13:29:28 +00:00
joerg
a732676a92 Use `interactive' (foreground) delivery by default. The old behaviour
of queuing mails only can be restored by uncommenting a CFLAGS+= line
in the makefile, so sites that _really_ need this (perhaps some huge
mail hubs) can still have it.  The majority of FreeBSD boxes is better
served with an immediate delivery (and last time i've been asking on
the list, nobody complained).
1995-03-05 08:27:14 +00:00
dg
8722740e7f Added $Id$ 1994-09-24 02:59:15 +00:00
wollman
0e5400218f Fix makefiles for our macros. 1994-08-05 17:02:31 +00:00
rgrimes
e3cfc8ce61 BSD 4.4 Lite bin Sources 1994-05-26 06:18:55 +00:00