From aefb83c4f0ef6cb6fcbb5cf982d3431b18d95a5f Mon Sep 17 00:00:00 2001
From: Janne Koschinski <janne@kuschku.de>
Date: Thu, 10 Jan 2019 17:07:07 +0100
Subject: [PATCH] Implement hardening flags to make exploiting the core less
 likely

---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index 4988a73..a1d9ca3 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -24,7 +24,7 @@ RUN mkdir /quassel && \
     git clone -b identd-listen-all --single-branch https://github.com/justjanne/quassel src
 RUN mkdir /quassel/build && \
     cd /quassel/build && \
-    cmake \
+    CXXFLAGS="-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fstack-protector-strong -fPIE -pie -Wl,-z,noexecstack -Wl,-z,relro -Wl,-z,now" cmake \
       -DCMAKE_INSTALL_PREFIX=/quassel/install \
       -DCMAKE_BUILD_TYPE="Release" \
       -DUSE_QT5=ON \
-- 
GitLab