The build systems of some Linux distros (like Debian) make use of
_FORTIFY_SOURCE in more secure levels than stated by pev. This patch
only defines _FORTIFY_SOURCE if it has not been defined before.
The previous approach of undefining and defining it unconditionally
caused a weakening of the hardening expected by those distros' build
systems. This patch keeps the same functionality as before, while
allowing for distros to use more secure levels if so they wish.
The build systems of some Linux distros (like Debian) make use of _FORTIFY_SOURCE in more secure levels than stated by pev. This patch only defines _FORTIFY_SOURCE if it has not been defined before.
The previous approach of undefining and defining it unconditionally caused a weakening of the hardening expected by those distros' build systems. This patch keeps the same functionality as before, while allowing for distros to use more secure levels if so they wish.