While looking through the binaries on my system, I found a small handful of non-PIE binaries, and a majority of them were Go-based. So I looked around and found this patch which appears to enable building binaries with PIE support by default (on all platforms): https://git.archlinux.org/svntogit/community.git/tree/trunk/default-buildmode-pie.patch?h=packages/go Would there be any interest in this on Gentoo? I imagine this would be simple to implement as a patch which is applied if a newly introduced "pie" USE flag is set on dev-lang/go There are a couple of caveats, of course: 1) Go is designed to be memory safe, so unless the unsafe package is used, PIE might not be too important 2) I'm no expert on Go, but there's a non-zero chance that flipping something like this in the toolchain could potentially break *something* down the line in a subtle way
*** Bug 718054 has been marked as a duplicate of this bug. ***
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f4dade77c0882aab06f35f8db1154d0a52f0ba1b commit f4dade77c0882aab06f35f8db1154d0a52f0ba1b Author: William Hubbs <williamh@gentoo.org> AuthorDate: 2023-01-20 22:35:09 +0000 Commit: William Hubbs <williamh@gentoo.org> CommitDate: 2023-01-20 22:38:25 +0000 go-module.eclass: add -buildmode=pie Bug: https://bugs.gentoo.org/702598 Signed-off-by: William Hubbs <williamh@gentoo.org> eclass/go-module.eclass | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-)
Might be useful to add -buildmode= instead of -buildmod=
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=156c19492867660e906b3d4c79bece66fb102b78 commit 156c19492867660e906b3d4c79bece66fb102b78 Author: Sam James <sam@gentoo.org> AuthorDate: 2023-01-20 23:09:40 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-01-20 23:09:40 +0000 go-module.eclass: fix typo in buildmode Fixes: f4dade77c0882aab06f35f8db1154d0a52f0ba1b Bug: https://bugs.gentoo.org/702598 Signed-off-by: Sam James <sam@gentoo.org> eclass/go-module.eclass | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
This is fixed.