XPost: linux.debian.bugs.dist 
 From: marcos@orca.pet 
  
 El 03/09/2025 a las 17:00, Paul Tagliamonte escribi€€: 
 >> I have been instructed by Helmut Grohne from the technical commitee 
 >> (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1113774#126) 
 >> to open a bug here to ask for a change in the current hardening defaults 
 >> of Debian for sid and future stable releases. 
 > 
 > One thing of note here, Helmut said: 
 > 
 >>> It also is enabled in forky/sid. While we somewhat disagree on the 
 importance of old i386 hardware on this matter, would you mind additionally 
 questioning the usefulness of -fcf-protection (=full) as opposed to 
 -fcf-protection=return to the project? 
 I suggest that you report a wishlist bug against dpkg-dev (which contains 
 our 
 default build flags) and X-Debbugs-Cc: debian-devel@lists.debian.org to try 
 to 
 change this for unstable. 
 > 
 > It's worth noting here that the TC hasn't weighed in on anything yet - this 
 bug is mostly an extension of that discussion and the utility of 
 fcf-protection=full vs fcf-protection=return on amd64. 
 > 
 > Not saying you did anything wrong here Marcos -- just emphasiszing this bug 
 should *not* be taken as the TC directly asking for this change. 
 > 
 > I believe helmut, if I understood him correctly, intended for this bug to 
 be 
 a discussion on the substance here, and a discussion about the future 
 configuration for sid while we keep understanding the interactions for 
 bookworm. 
 > 
  
 Hello Paul! 
  
 I understood too that he wanted to simply an open discussion about IBT 
 being enabled for all packages. 
  
 Re-reading now my original bug report now, though, I agree that I 
 accidentally worded it like a change was being required. Sorry! 
  
 Greetings, 
 Marcos 
  
 --- SoupGate-Win32 v1.05 
  * Origin: you cannot sedate... all the things you hate (1:229/2)