On Thu, 2002-01-10 at 17:00, Joachim Blaabjerg wrote:
> On 10 Jan 2002 15:40:40 +0100
> Mikael Hallendal <hallski@g.o> wrote:
> >
> > Nice!
> 
> I know ;)
> 
> > 
> > We don't want to add this to all ebuilds not supporting the
> > secure-stuff. This will be very hard and unmaintainable. Better would be
> > to create a profile which includes packages and version and then use
> > that profile for the secured version (thus not making it possible to
> > install any other packages).
> 
> Ah, okay, I see... But what do you think, will there be a USE variable, or
> something else?
> 

Like Mikael said, you can 'mask' the packages that your
secure version do not use, so that they are not installeble
unless forced (after all, it is the user's right to fsck up
his system/bridge security if he feels like it ;-).

Then for the extra security patches, you could use USE
variables like you suggested yourself.  This will be nothing
new (look at the 'build' variable for instance ...), and it
will be cleaner than using eclasses.

Using eclasses to do something like this will complicate
things too much in my opinion, and each package will be
different in the way you have to secure it (different patches,
maybe different ./configure flags, etc).

Anyhow, eclasses are just for KDE and still in
testing/approval (not that I am one to make this statement ;/)


Greetings,

-- 

Martin Schlemmer
Gentoo Linux Developer, Desktop Team Developer
Cape Town, South Africa