= Proposed System Wide Change: Format Security =
Change owner(s): Dhiru Kholia <dhiru.kholia(a)gmail.com>
Enable "-Werror=format-security" compilation flag for all packages in Fedora.
Once this flag is enabled, GCC will refuse to compile code that could be
vulnerable to a string format security flaw.
== Detailed Description ==
Once "-Werror=format-security" is enabled, GCC will refuse to compile code
that could be vulnerable to a string format security flaw. For more details,
please see this FESCo ticket .
Enabling this option eliminates an entire class of security issues! To further
understand why it is important to fix such bugs, please see Format-Security-FAQ
Implementing this change requires a single line change to be made to the
/usr/lib/rpm/redhat/macros file (part of redhat-rpm-config package). My patch to
do this can be found at 
== Scope ==
Proposal owners: Currently, around 400 packages FTBFS if this flag is enabled.
We need to file bugs and also try solving these FTBFS issues.
Other developers: Currently, around 400 packages FTBFS if this flag is enabled.
A list of packages which FTBFS is available at . The fix for these errors is
quite simple (in most cases). It's a matter of changing a line like,
printf(foo), to read printf("%s", foo), instead. That's it. More details are
available on Format-Security-FAQ. Additionally, we highly encourage owners (of
the affected packages) to work with upstream.
Release engineering: A mass build is required.
Policies and guidelines: N/A