Next: , Previous: Compiling a C++ program, Up: Top


8 Security enhancement options

Recent GCC (4.1 or newer) on modern hardwares provides a good range of security enhancement options. Popular security enhancement options used by the major Linux distributions for their package building defaults and some non-default options are described here.1 You should consider enabling these options for your application as needed by explicitly specifying them.

Please note that these security enhancement options may not be available on your platform.

Please also note that these security enhancement options may cause problems depending on your GCC version and your application. Since some distributions make these options as the default of GCC, you may need to explicitly disable these options for some limited situations to avoid such problems.


Footnotes

[1] For Debian wheezy, you can obtain distribution recommended GCC options using the dpkg-buildflag command.