Ubuntu already builds by default with everything except PIE (and bindnow) from hardening-wrapper. Since it's a shared library (plugin), adding PIE wouldn't change anything.
https://wiki.ubuntu.com/Security/Features#fortify-source https://wiki.ubuntu.com/ToolChain/CompilerFlags
$ hardening-check /usr/lib/pidgin/pidgin-otr.so /usr/lib/pidgin/pidgin-otr.so: Position Independent Executable: no, regular shared library (ignored) Stack protected: yes Fortify Source functions: yes (some protected functions found) Read-only relocations: yes Immediate binding: no not found!
Ubuntu already builds by default with everything except PIE (and bindnow) from hardening-wrapper. Since it's a shared library (plugin), adding PIE wouldn't change anything.
https:/ /wiki.ubuntu. com/Security/ Features# fortify- source /wiki.ubuntu. com/ToolChain/ CompilerFlags
https:/
$ hardening-check /usr/lib/ pidgin/ pidgin- otr.so pidgin/ pidgin- otr.so:
/usr/lib/
Position Independent Executable: no, regular shared library (ignored)
Stack protected: yes
Fortify Source functions: yes (some protected functions found)
Read-only relocations: yes
Immediate binding: no not found!