Onward branch - update

Robert Connolly robert at linuxfromscratch.org
Thu Sep 18 21:10:23 PDT 2008

I feel closer to a stable release than ever before. We have everything needed 
to say it wasn't just slapped together to make a release. There's still work 
to finish, but it's all doable.

We have:
Stack smashing protector on everything except the kernel and glibc libraries.
ld -z relro, -z now on everything except the kernel.
-fpie/fpic on everything but the kernel, for aslr. No text relocations.
fortify_source on everthing except glibc libraries.

No suid-root programs.
Coherent documentation.

I prefer to do hlfs-stable before the reboot changes, and make linux-2.6.25 
kernel, with capabilities, a dependency for the host. Otherwise -stable is 
farther away, with no real benefit to the finished system. However, I am 
willing to postpone -stable for reboot(fewer host dependencies) and 
unprivileged-build-user changes, if this is what people want from hlfs-1.0.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://lists.linuxfromscratch.org/pipermail/hlfs-dev/attachments/20080919/87807c71/attachment.sig>

More information about the hlfs-dev mailing list