Build option for OpenSSF Compiler Hardening Flags (onnx#7601)
### Motivation and Context
I think we should implement the OpenSSF Compiler Hardening Flags to
address the following requirement for the Silver Badge
(https://www.bestpractices.dev/en/projects/3313/silver#security):
Hardening mechanisms SHOULD be used in the software produced by the
project so that software defects are less likely to result in security
vulnerabilities. [hardening]
Hardening mechanisms may include HTTP headers like Content Security
Policy (CSP), compiler flags to mitigate attacks (such as
-fstack-protector), or compiler flags to eliminate undefined behavior.
For our purposes least privilege is not considered a hardening mechanism
(least privilege is important, but separate).
Fixes: onnx#6834
---------
Signed-off-by: Andreas Fehlner <fehlner@arcor.de>