Packages| Package | “default-znow” Flag Description |
|---|---|
| dev-lang/gnat-gpl | Request full relocation on start from ld.so by default |
| net-dns/nsd | Enable full relocation binding at load-time (RELRO NOW, to protect GOT and .dtor areas) |
| sys-devel/gcc | Request full relocation on start from ld.so by default. This sets the -z,now (BIND_NOW) flag by default on all linker invocations. By resolving all dynamic symbols at application startup, parts of the program can be made read-only as a hardening measure. This is closely related to RELRO which is also separately enabled by default. In some applications with many unresolved symbols (heavily plugin based, for example), startup time may be impacted. |