Bug 419181 - okular could use more hardening
Summary: okular could use more hardening
Status: RESOLVED FIXED
Alias: None
Product: neon
Classification: KDE Neon
Component: Snaps (show other bugs)
Version: unspecified
Platform: Other Linux
: NOR normal
Target Milestone: ---
Assignee: Neon Bugs
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2020-03-24 13:18 UTC by Laurent Bonnaud
Modified: 2023-04-02 10:00 UTC (History)
2 users (show)

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.
Description Laurent Bonnaud 2020-03-24 13:18:07 UTC 
Hi,

could you please enable more hardening when compiling okular?

STEPS TO REPRODUCE
1. snap install okular
2. hardening-check /snap/okular/current/usr/bin/okular

OBSERVED RESULT

/snap/okular/current/usr/bin/okular:
 Position Independent Executable: yes
 Stack protected: yes
 Fortify Source functions: no, only unprotected functions found!
 Read-only relocations: yes
 Immediate binding: yes
 Stack clash protection: unknown, no -fstack-clash-protection instructions found
 Control flow integrity: unknown, no -fcf-protection instructions found!

EXPECTED RESULT
Stack clash protection and Control flow integrity enabled in okular.

SOFTWARE/OS VERSIONS
irrelevent
Comment 1 Laurent Bonnaud 2023-04-02 10:00:50 UTC 
I am closing this bug because the okular snap is now on the same hardening level as apt packages and flatpak bundles.