ProjectSegfault/go-away
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

build: set -buildmode pie, -bindnow linker flag. Enables Full RELRO, NX, PIE, no RPATH/RUNPATH, nothing to FORTIFY

Browse Source
This commit is contained in:
WeebDataHoarder
2025-06-28 10:18:13 +02:00
parent d1d80c5078
commit 057bca753d
3 changed files with 19 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
Dockerfile
View File

@@ -25,7 +25,10 @@ ENV GOOS=${TARGETOS}
ENV GOARCH=${TARGETARCH}
ENV GOTOOLCHAIN=${GOTOOLCHAIN}
RUN go build -pgo=auto -v -trimpath -ldflags=-buildid= -o "${GOBIN}/go-away" ./cmd/go-away
RUN go build -v \
-pgo=auto \
-trimpath -ldflags='-buildid= -bindnow' -buildmode pie \
-o "${GOBIN}/go-away" ./cmd/go-away
RUN test -e "${GOBIN}/go-away"