This document is a guide for compiler and linker options that contribute to delivering reliable and secure code using native (or cross) toolchains for C and C++. The objective of compiler options hardening is to produce application binaries (executables) with security mechanisms against potential attacks and/or misbehavior.

Hardened compiler options should also produce applications that integrate well with existing platform security features in modern operating systems (OSs). Effectively configuring the compiler options also has several benefits during development such as enhanced compiler warnings, static analysis, and debug instrumentation.

This document focuses on recommended options for the GNU Compiler Collection (GCC) and Clang/LLVM, and we expect the recommendations to be applicable to other compilers based on GCC and Clang technology. In the future, we aim to expand to guide to also cover other compilers, such as Microsoft MSVC.

switching.software is a grassroots website, that is trying to let people know about ethical and easy-to-use alternatives to well-known websites, apps and other software.

How to install vim from the FreeBSD ports collection without it installing most of X along with it.

cd /usr/ports/editors/vim
make WITHOUT_X11=yes install clean

How to configure dnsmasq to return the same IP address for any A record a client might request. This feature was added for people constructing public access points. The difference between this one and the other one is that this one is how to do it from the command line and not the configuration file.