[llvm-dev] Is Clang compiled binary more secure than gcc

serge guelton via llvm-dev llvm-dev at lists.llvm.org
Tue Mar 7 04:28:01 PST 2017


On Tue, Mar 07, 2017 at 08:23:17PM +0800, Zhe Zhao via llvm-dev wrote:
> Hi, Guys
> 
> I try to make my compiled binary has more security feature like SafeStack
> or even CPI and so on, but I am not sure if Clang can really provide more
> security features than gcc in compiled object.
> 
> Can someone help to give me some guidance about the clang security features
> usage and comparison with gcc?

We listed several hardening features available when using clang here:

    http://blog.quarkslab.com/clang-hardening-cheat-sheet.html

It's now 1 year old, but it may still help.


More information about the llvm-dev mailing list