List Archive: gentoo-dev
Note: Due to technical difficulties, the Archives are currently not up to date.
provides an alternative service for most mailing lists.c.f. bug 424647
On Monday 28 May 2012 14:34:22 Zac Medico wrote:
> In case you aren't familiar with FEATURES=userpriv, here's the
> description from the make.conf(5) man page:
> Allow portage to drop root privileges and compile packages as
> portage:portage without a sandbox (unless usersandbox is also used).
> The rationale for having the separate "usersandbox" setting, to enable
> use of sys-apps/sandbox, is that people who enable userpriv sometimes
> prefer to have sandbox disabled in order to slightly improve
> performance. However, I would recommend to enable usersandbox by
> default, for the purpose of logging sandbox violations.
> Note that ebuilds can set RESTRICT="userpriv" if they require superuser
> privileges during any of the src_* phases that userpriv affects.
> I've been using FEATURES="userpriv usersandbox" for years, and I don't
> remember experiencing any problems because of it, so I think that it
> would be reasonable to have it enabled by default. Objections?
I'm using usersync since a long time, how about add it too?
Agostino Sarubbo ago -at- gentoo.org
Gentoo/AMD64 Arch Security Liaison
signature.asc (This is a digitally signed message part.)