Changes in Makefile http://nxr.netbsd.org/rss/src/usr.bin/skeyinfo/Makefile en Copyright 2005 Java Add new Makefile knob, USE_FORT, which extends USE_SSP by turning on the<br/>FORTIFY_SOURCE feature of libssp, thus checking the size of arguments to<br/>various string and memory copy and set functions (as well as a few system<br/>calls and other miscellany) where known at function entry. RedHat has<br/>evidently built all "core system packages" with this option for some time.<br/><br/>This option should be used at the top of Makefiles (or Makefile.inc where<br/>this is used for subdirectories) but after any setting of LIB.<br/><br/>This is only useful for userland code, and cannot be used in libc or in<br/>any code which includes the libc internals, because it overrides certain<br/>libc functions with macros. Some effort has been made to make USE_FORT=yes<br/>work correctly for a full-system build by having the bsd.sys.mk logic<br/>disable the feature where it should not be used (libc, libssp iteself,<br/>the kernel) but no attempt has been made to build the entire system with<br/>USE_FORT and doing so will doubtless expose numerous bugs and misfeatures.<br/><br/>Adjust the system build so that all programs and libraries that are setuid,<br/>directly handle network data (including serial comm data), perform<br/>authentication, or appear likely to have (or have a history of having)<br/>data-driven bugs (e.g. file(1)) are built with USE_FORT=yes by default,<br/>with the exception of libc, which cannot use USE_FORT and thus uses<br/>only USE_SSP by default. Tested on i386 with no ill results; USE_FORT=no<br/>per-directory or in a system build will disable if desired. /src/usr.bin/skeyinfo/Makefile - 1.2 Mon May 28 00:06:31 UTC 2007 tls PR/3417: Andrew Brown: Skeyinfo should be a program so that if /etc/skeyskeys<br/>is mode 600, it can only read the user's own keys. /src/usr.bin/skeyinfo/Makefile - 1.1 Sun Jun 22 18:49:55 UTC 1997 christos