build: Enable hardening options for Debian build.

The Debian guidelines recommend enable hardening for processes
that handle untrusted data such as network listeners.

This sets various compiler flags for stack smashing and
makes some segments read-only.
https://wiki.debian.org/Hardening

diff --git a/debian/rules b/debian/rules
index 1208aafc357c04f78a8a95c84059a9e9c4aa22b0..883e095a2e7aa589405d3e666cc5403a8a747713 100755 (executable)
--- a/debian/rules
+++ b/debian/rules
@@ -1,5 +1,6 @@
 #!/usr/bin/make -f
 export DH_VERBOSE=1
+export DEB_BUILD_MAINT_OPTIONS = hardening=+all
 
 %:
        dh $@ --with-systemd