/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugins.d/splashy.xml

  • Committer: Teddy Hogeborn
  • Date: 2019-07-14 22:39:15 UTC
  • Revision ID: teddy@recompile.se-20190714223915-aqjkms3t3taa6tye
Only use sanitizing options when debugging

The C compiler's sanitizing options introduce code in the output
binary which is fragile and not very security conscious.  It has
become clear that sanitizing is only really meant for use while
debugging.

As a side effect, this makes compilation faster, as the Makefile, for
production builds, no longer runs the compiler repeatedly to find all
its currently supported sanitizing options.

* Makefile (DEBUG): Add "$(SANITIZE)".
  (SANITIZE): Comment out.
  (CFLAGS): Remove "$(SANITIZE)".
  (plugins.d/mandos-client): Revert back to use plain $(LINK.c), since
                             we no longer need to remove the leak
                             sanitizer by overriding CFLAGS.

Show diffs side-by-side

added added

removed removed

Lines of Context:
135
135
        <para>
136
136
          These variables will normally be inherited from
137
137
          <citerefentry><refentrytitle>plugin-runner</refentrytitle>
138
 
          <manvolnum>8mandos</manvolnum></citerefentry>, which might
139
 
          have in turn inherited them from its calling process.
 
138
          <manvolnum>8mandos</manvolnum></citerefentry>, which will
 
139
          normally have inherited them from
 
140
          <filename>/scripts/local-top/cryptroot</filename> in the
 
141
          initial <acronym>RAM</acronym> disk environment, which will
 
142
          have set them from parsing kernel arguments and
 
143
          <filename>/conf/conf.d/cryptroot</filename> (also in the
 
144
          initial RAM disk environment), which in turn will have been
 
145
          created when the initial RAM disk image was created by
 
146
          <filename
 
147
          >/usr/share/initramfs-tools/hooks/cryptroot</filename>, by
 
148
          extracting the information of the root file system from
 
149
          <filename >/etc/crypttab</filename>.
140
150
        </para>
141
151
        <para>
142
152
          This behavior is meant to exactly mirror the behavior of
266
276
    <para>
267
277
      <citerefentry><refentrytitle>intro</refentrytitle>
268
278
      <manvolnum>8mandos</manvolnum></citerefentry>,
 
279
      <citerefentry><refentrytitle>crypttab</refentrytitle>
 
280
      <manvolnum>5</manvolnum></citerefentry>,
269
281
      <citerefentry><refentrytitle>plugin-runner</refentrytitle>
270
282
      <manvolnum>8mandos</manvolnum></citerefentry>,
271
283
      <citerefentry><refentrytitle>proc</refentrytitle>