931128 – www-client/chromium-124.0.6367.118 still builds with -fstack-protector

Bug 931128 - www-client/chromium-124.0.6367.118 still builds with -fstack-protector

Summary: www-client/chromium-124.0.6367.118 still builds with -fstack-protector

Status:	RESOLVED WONTFIX

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	Normal normal
Assignee:	Chromium Project

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2024-05-03 10:38 UTC by Agostino Sarubbo
Modified:	2024-06-19 06:28 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Agostino Sarubbo gentoo-dev

2024-05-03 10:38:49 UTC

I noticed from www-client/chromium-124.0.6367.118 build that it still use -fstack-protector. This should overwrite the -fstack-protector-strong option that we are using by default in hardened profile and default profile with gcc[ssp]

I'm wondering if there a particular reason about why google still keeping -fstack-protector

Comment 1 Matt Jolly gentoo-dev

2024-06-19 06:28:02 UTC

I'm honestly not sure why Google do that, but I'm not inclined to change the upstream defaults here - I think that there's too much risk of it unintentionally (and silently) breaking something.

If we ever get a test suite up and running I'd be willing to be more adventurous with our configurations, but until then I can only suggest opening a ticket upstream to ask your question.