Change would be from:
{{{
If your package meets the following critera you should consider enabling the PIE compiler flags:
Your package is long running. This means it's likely to be started and keep running until the machine is rebooted, not start on demand and quit on idle. Your package has suid binaries, or binaries with capabilities. Your package runs as root. Your package accepts/processes untrusted input.
}}}
to be 'MUST' instead.
Rationale: improved security. Also, by phrasing as a 'MUST' it allows us to easily track package compliance.
Proposed change:
{{{ If your package meets the following critera you MUST enable the PIE compiler flags:
Your package is long running. This means it's likely to be started and keep running until the machine is rebooted, not start on demand and quit on idle. Your package has suid binaries, or binaries with capabilities. Your package runs as root.
Your package accepts/processes untrusted input.
Draft in comment 1 approved (+1:6, 0:0, -1:0) also, move the FESCo list after the list of criteria when updating the guideline.
Announcement text:
The guidelines relating to PIE and Hardened Packages were updated. Now, if your package meets the following critera you MUST enable the PIE compiler flags:
Your package is long running. This means it's likely to be started and keep running until the machine is rebooted, not start on demand and quit on idle.
Your package has suid binaries, or binaries with capabilities.
Your package runs as root.
https://fedoraproject.org/wiki/Packaging:Guidelines#PIE
Metadata Update from @spot: - Issue assigned to spot
Login to comment on this ticket.