Good question. I did not even think about this.
I could not find many executables that fell into this category. Maybe about 10. Out of those, dnsdist was the largest one - by far.
So I would say, it isn’t worth it except for dnsdist.
-Michael
On 6 Jul 2022, at 10:56, Peter Müller peter.mueller@ipfire.org wrote:
Hello Michael,
just a short follow-up question on this: Do we need to re-ship all affected packages again? Or is it fine to let users benefit from stripped PIE executables when we update affected components anyway?
Thanks, and best regards, Peter Müller
Reviewed-by: Peter Müller peter.mueller@ipfire.org
Fixes: #12894 Signed-off-by: Michael Tremer michael.tremer@ipfire.org
src/stripper | 4 ++++ 1 file changed, 4 insertions(+)
diff --git a/src/stripper b/src/stripper index fadbc514b..4014f03a4 100755 --- a/src/stripper +++ b/src/stripper @@ -38,6 +38,10 @@ function _strip() { args+=( "--strip-all" ) ;;
*Type:*"DYN (Position-Independent Executable file)"*)
args+=( "--strip-all" )
;;
# Binaries *Type:*"EXEC (Executable file)"*) args+=( "--strip-all" )