Fedora 40 Looking To Change Linker To Error Out On Security Issues

Written by Michael Larabel in Fedora on 15 November 2023 at 04:14 PM EST. 2 Comments
FEDORA
A change proposal currently undergoing discussion for Fedora 40 would change their toolchain's (BFD) linker to error out on potential security issues. Currently BFD is emitting warnings on potential security problems but the F40 proposal is to instead error out so the program being built will fail to link when hitting recognized security issues.

The Fedora 40 change proposal would be affecting the behavior of:
- The creation of a program containing a stack that is in a memory region that has execute permission.
- The creation of a program with a loadable segment that has all three of the read, write and execute permission bits set.
- The creation of a thread local storage segment that has the execute permission bit set.

With not as many developers/users paying attention to warnings as when a show-stopping error occurs, the intention for Fedora 40 is to raise those to errors with the BFD linker.

Per the Fedora 40 change proposal:
The benefit of this change is that it will increase the overall security of Fedora by helping to ensure that packages cannot be built with one or more of these vulnerabilities without the owner being made aware and having to take specific actions - either to remove the vulnerability or disable the linker error message.

More details for those interested via the Fedora Wiki. The Fedora Engineering and Steering Committee (FESCo) still needs to vote on the change before it potentially becoming a feature of Fedora 40 in the spring.
2 Comments
Related News
Fedora Evaluates Replacing Redis With Valkey
Fedora Miracle Spin Proposed For Fedora 41
Fedora Linux 40 Available For Download As A Wonderful Upgrade
Fedora Linux 40 Cleared For Release Next Week
RPM 4.20 Approved For Fedora 41 To Advance Hands-Free Packaging
Fedora 41 Aims For More Reproducible Package Builds Thanks To A Rust Program
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
systemd Rolling Out "run0" As sudo Alternative
Linux Mint Looks To Fork More GNOME Software, Make XApp More Independent
Microsoft Updates Cascadia Code: Its Open-Source Font For Developers
Rust-Written Redox OS Gets USB Keyboards & Mice Working
Rust-Based Coreutils 0.0.26 Increases Compatibility With GNU Coreutils
AMD Enabling "Fast CPPC" For Even Greater Linux Performance & Power Efficiency On Some CPUs
Proton 9.0 RC2 Makes More Windows Games Playable On Linux, Other Fixes
Punting GPU Drivers From The Initramfs Due To Ever Increasing Firmware Bloat