Date: Wed, 26 Nov 2008 16:49:07 +0000 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: Kris Kennaway <kris@freebsd.org> Cc: Wojciech Puchar <wojtek@wojtek.tensor.gdynia.pl>, Masoom Shaikh <masoom.shaikh@gmail.com>, freebsd-questions@freebsd.org Subject: Re: large binary, why not strip ? Message-ID: <492D7E03.3070500@infracaninophile.co.uk> In-Reply-To: <49226AFD.6060505@infracaninophile.co.uk> References: <b10011eb0811160042w158656bld3b91a2bf7cfdd3f@mail.gmail.com> <20081116125622.E24752@wojtek.tensor.gdynia.pl> <20081117172100.GB43367@hub.freebsd.org> <b10011eb0811171040y536d5e18y171ca9aed686f9bf@mail.gmail.com> <20081117210649.GE63818@hub.freebsd.org> <49226AFD.6060505@infracaninophile.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enigFE585E26E12C52B51A7840D0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: quoted-printable
Matthew Seaman wrote:
> Kris Kennaway wrote:
>=20
>> Bonus points if you come up with a patch to do this: in most cases it
>> will be a simple matter of changing the port's do-install: target to
>> use INSTALL_* macros instead of cp/bsdtar etc. This would be a good
>> project to get some familiarity with the ports tree.
>=20
> Would it be worthwhile to add a test and warning that all installed=20
> binaries
> have not been stripped to the 'security-check' target in bsd.port.mk? =
> That's
> not really what that target was intended for (feeping creaturism alert!=
)=20
> but
> it's the obvious place to put such a test.
>=20
> Probably cleaner to create a whole new target, but that's going to=20
> duplicate
> some code.
>=20
> Hmmmm... I shall work up some patches, probably over the weekend, so=20
> there's
> something substantive to talk about.
Done: ports/129210
For the record, I also discovered that, contrary to what I said earlier,
there is apparently one class of binary object that will not work correc=
tly
if stripped: kernel loadable modules.
As others have commented, most shlibs installed from ports aren't strippe=
d.
The same applies to almost any sort of pluggable module (perl, PHP etc.) =
that
I have been able to investigate.
Cheers,
Matthew
--=20
Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard
Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
Kent, CT11 9PW
--------------enigFE585E26E12C52B51A7840D0
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEAREIAAYFAkktfgMACgkQ8Mjk52CukIzUGwCfdPek2SsPcBfJB0WEbbi31iaE
88oAnRSzA8DWYB70jE//bd+NNfcsDUHV
=fPyg
-----END PGP SIGNATURE-----
--------------enigFE585E26E12C52B51A7840D0--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?492D7E03.3070500>