From e7d7bcc6223331ea3fc3681a86379f1d2c4ee949 Mon Sep 17 00:00:00 2001
From: Philippe De Swert <philippe.deswert@nomovok.com>
Date: Mon, 17 Oct 2016 15:17:18 +0300
Subject: [PATCH] [configure.ac] Enable some extra linker flags for extra
 security

Make some ELF sections readonly with -z relro and -z relro now

See: https://wiki.debian.org/Hardening#DEB_BUILD_HARDENING_RELRO_.28ld_-z_relro.29

Signed-off-by: Philippe De Swert <philippe.deswert@gmail.com>
---
 configure.ac | 1 +
 1 file changed, 1 insertion(+)

diff --git a/configure.ac b/configure.ac
index 93cfbde..9438ddb 100644
--- a/configure.ac
+++ b/configure.ac
@@ -23,6 +23,7 @@ test_gcc_flag() {
 # We use gnu99 instead of c99 because many have interpreted the standard
 # in a way that int64_t isn't defined on non-64 bit platforms.
 CFLAGS="-Os -std=gnu99 -Wall -W -Wextra -pipe -Wformat -Wold-style-definition -Wdeclaration-after-statement -Wfloat-equal -Wmissing-declarations -Wmissing-prototypes -Wstrict-prototypes -Wendif-labels -Wpointer-arith -Wcast-align -Wwrite-strings -Winline -Wno-unused-parameter -finline-small-functions -Wno-unused-result -fstack-protector -D_FORTIFY_SOURCE=2 -Wl,-z,relro,-z,now -fPIE -fpie -pie"
+LDFLAGS="-z relro -z now"
 
 AC_ARG_ENABLE([debug], AS_HELP_STRING([--enable-debug],[Enable debug @<:@default=false@:>@]),
   [case "${enableval}" in