From: Pascal G. <evi...@gm...> - 2013-01-31 03:50:54
|
On Wed, Jan 30, 2013 at 10:30 PM, Chris Bagwell <ch...@cn...> wrote: > For SoX, you should be able to get an idea of API and ABI modifications > using "git log -u src/sox.h" since that defines our interface to library. > That shows no modifications in dot branch since 14.4.0 release. Good! > I'll have to read up on this new approach. Is it OK to ignore API/ABI > changes related to internal-only symbols that we are allowing to leak out > (those prefixed with lsx_)? Hmm... are we suggesting users to make use of them in some cases? Or we're discouraging that practice? The initial project description that ended up creating those symbol file mechanism does mention the case of libraries exposing private symbols. It's considered noise and thus I would assume the maintainer is expected to remove those symbols from the symbol file. That has the consequence of having untracked symbols and thus, if applications uses them, things will break and they'll be on their own. In any case, why are we "leaking" them? I see there are lots of them, they actually constitute the vast majority of symbols! (340/393). I'm still not very experienced with shared library packaging. If I get stuck, I may very well ask for advice on the debian-devel ML. More experienced Debian devs/maintainers may shed some light. Related to packaging changes I made recently and that will be introduced in 14.4.1/14.4.2, it may also benefit SoX outside Debian to build hardened binaries (see [1]). AFAIU, when gcc is used, it's only a matter of adding some build flags e.g. "-D_FORTIFY_SOURCE=2", "-fstack-protector --param ssp-buffer-size=4", etc. Cheers, -Pascal [1] http://wiki.debian.org/Hardening -- Homepage (http://organact.mine.nu) Debian GNU/Linux (http://www.debian.org) COMunité/LACIME: École de technologie supérieure (http://www.comunite.ca) Integrated Microsystems Laboratory: McGill (http://www.iml.ece.mcgill.ca) |