Bug 1008385

Summary: no hardening build
Product: [Fedora] Fedora Reporter: Harald Reindl <h.reindl>
Component: alsa-utilsAssignee: Jaroslav Kysela <jkysela>
Status: CLOSED RAWHIDE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 19CC: jkysela, pbrobinson
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-07-25 00:21:59 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Harald Reindl 2013-09-16 09:55:29 UTC 
what about reading packaging guidelines before throw another long-running root-process into the distribution as default even after a F18->F19 yum-upgrade?

https://fedoraproject.org/wiki/Packaging:Guidelines?rd=Packaging/Guidelines#PIE
the word "must" is no opt-in

If your package meets any of the following criteria you 
MUST  enable the PIE compiler flags:
 * Your package is long running
 * Your package runs as root

[root@srv-rhsoft:~]$ hardening-check /usr/sbin/alsactl
/usr/sbin/alsactl:
 Position Independent Executable: no, normal executable!
 Stack protected: yes
 Fortify Source functions: yes (some protected functions found)
 Read-only relocations: yes
 Immediate binding: no, not found!

[root@srv-rhsoft:~]$ ps aux | grep alsa
root       642  0.0  0.0  16740  1416 ?        SNs  Sep15   0:00 /usr/sbin/alsactl -s -n 19 -c -E ALSA_CONFIG_PATH=/etc/alsa/alsactl.conf --initfile=/lib/alsa/init/00main rdaemon
Comment 1 Harald Reindl 2014-01-10 05:45:40 UTC 
the same still in F20 :-(
Comment 2 Peter Robinson 2014-07-25 00:21:59 UTC 
hardening-check /usr/sbin/alsactl
/usr/sbin/alsactl:
 Position Independent Executable: yes
 Stack protected: yes
 Fortify Source functions: yes (some protected functions found)
 Read-only relocations: yes
 Immediate binding: yes
Comment 3 Harald Reindl 2014-07-26 00:41:48 UTC 
uhm - this bugreport was for F19, at least F20 is current for many months - so please don't ignore the "Version" information and bugreports