[FFmpeg-user] Unable to build FFmpeg 4.0 on macOS
Reindl Harald
h.reindl at thelounge.net
Sun Apr 29 19:11:22 EEST 2018
Am 29.04.2018 um 18:06 schrieb Reindl Harald:
>
>
> Am 29.04.2018 um 17:58 schrieb Paul B Mahol:
>> On 4/29/18, Reindl Harald <h.reindl at thelounge.net> wrote:
>>>
>>>
>>> Am 29.04.2018 um 16:31 schrieb Carl Eugen Hoyos:
>>>>> --enable-pic
>>>>
>>>> Why is this needed?
>>>> (I see it often: If it has an effect, it makes the binary slower, so
>>>> I wonder why people add it.)
>>>
>>> because other than you people care about security and not only
>>> performance - learn about system hardening - and yes given the tons of
>>> errors and voodoo in *all* multimedia codecs it's recommended
>>
>> Which errors and voodoo?
>> Can you point them?
> please don't play fool - thank you!
>
> you have hunrdets of critical bugs in *every* multimedia library over
> the past years and hardening binaries is for make *currently unknown*
> vulernabilities more difficult to trigger
>
> if one don't have the slightest clue about
> https://en.wikipedia.org/wiki/Binary_hardening he better should not
> recommend remove options like "--enable-pic" which should be *default*
> until someone decides sacrifice security by performance
https://fedoraproject.org/wiki/Changes/Harden_All_Packages
in the past he policy was only for long running applications or
applications handling untrusted input - given that ffmpeg is linked into
a ton of applications up to browsers it's handeling untrusted input by
definition
and because that applies to nearly any application and be it only a
pdf-reader opening some downloaded file froma random source smart people
decided long ago that haredning all binaries is they way to go
More information about the ffmpeg-user
mailing list