debian/rules: Improve comment about hardening options

author Ian Jackson <ian.jackson@citrix.com>

Tue, 4 Feb 2020 14:16:39 +0000 (14:16 +0000)

committer Hans van Kranenburg <hans@knorrie.org>

Thu, 23 Jul 2020 12:35:10 +0000 (14:35 +0200)
author Ian Jackson <ian.jackson@citrix.com>
Tue, 4 Feb 2020 14:16:39 +0000 (14:16 +0000)
committer Hans van Kranenburg <hans@knorrie.org>
Thu, 23 Jul 2020 12:35:10 +0000 (14:35 +0200)
diff --git a/debian/rules b/debian/rules

index fdf68805b477bceb291b320d0db59fe7f683ce7a..8f36229c1d6dc811b709829f803c0f706a78adf0 100755 (executable)
--- a/debian/rules
+++ b/debian/rules
@@ -7,9 +7,9 @@ SHELL    := bash -e
  
  # This influences dpkg-buildflags to specify better linker
  # options.  See https://wiki.debian.org/Hardening
-# TBH it is not clear to me (Diziet, 2018) why this is not the
-# default but it is definitely appropriate for Xen, many of whose
-# users will care significantly about security.x
+# Apparently some of these might incur silent breakage
+#   https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939560#5
+# but we don't think this is relevant to us.
  #
  # Note that we don't use the dpkg-buildflags output for the
  # hypervisor build.  This because I haven't investigated which
author	Ian Jackson <ian.jackson@citrix.com>
	Tue, 4 Feb 2020 14:16:39 +0000 (14:16 +0000)
committer	Hans van Kranenburg <hans@knorrie.org>
	Thu, 23 Jul 2020 12:35:10 +0000 (14:35 +0200)