You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I used a scanning tool to scan the nebula-graphd file and found Unsatisfied secure compilation options -fPIE -pie. I saw a related reply in the community: Nebula relies on static libraries and does not need this option. (https://discuss.nebula-graph.com.cn/t/topic/2846/2)
Is there a formal conclusion and reason for this?
The text was updated successfully, but these errors were encountered:
In the current source code we use the -fPIC option, what scanning tool are you using? I want to reproduce this scan result.
Both nebula and nebula-third-party use the -fPIC option, so I want to know which part is showing up -fPIE
The replies in the mentioned post are not correct.
The -no-pie linker option was introduced by me long long ago. I am not sure about the exact reason to do this. But it must be related with a crash bug if PIE is enabled by default. I simply reviewed my commit history to locate the original PR but with no luck.
Yes, my code exists -fPIE -pie . But I used the security tool to scan nebula-graphd, the result showed that the -fPIE -pie not activated. I'd like to consult the reasons and the security risks.
I used a scanning tool to scan the nebula-graphd file and found Unsatisfied secure compilation options -fPIE -pie. I saw a related reply in the community: Nebula relies on static libraries and does not need this option. (https://discuss.nebula-graph.com.cn/t/topic/2846/2)
Is there a formal conclusion and reason for this?
The text was updated successfully, but these errors were encountered: