List Archive: gentoo-security
Note: Due to technical difficulties, the Archives are currently not up to date.
provides an alternative service for most mailing lists.c.f. bug 424647
> eruption or something else. Now collection is expanded to patches that
> will not be mainstreamed :> This is GOOD PRACTICE :). Thinking about
Another distros do include patches for glibc not accepted by mainstream.
In this particular case the patch is pretty trivial. And how many users
actually need those LD_* vars to be handled for setuid/setgid binaries?
My bet it's less than 1% of them, and even less than 0.1% of Hardened users.
And what's the problem with including the patch only for glibc[hardened]
and/or glibc[-debug]? I guess that's what at least Hardened users want:
to proactively secure their system, even at the expense of some
debugging facilities (PIE vs <gdb-7.1 as an example).
To reject the patch without any explaination was one man's decision I do
not agree personally, especially after Gentoo security team failed to
fix the recent glibc vulns in a timely manner.
On another point, if some users want this particular patch to be
included, they should speak for themselves. By now I don't see much
interest even among #gentoo-hardened people.