1 |
On 09/22/04 Ciaran McCreesh wrote: |
2 |
|
3 |
> On Wed, 22 Sep 2004 11:54:55 -0400 John Richard Moser |
4 |
> <nigelenki@×××××××.net> wrote: |
5 |
> | I believe it would be a good idea to have such a FEATURES or USE |
6 |
> | flag on by default in all profiles where SSP is supported. In this |
7 |
> | manner, the major targets of security attacks would automatically be |
8 |
> | protected; while still allowing the user to disable the protection |
9 |
> | if the user desires. Users wanting more protection can simply add |
10 |
> | -fstack-protector to CFLAGS, or use Hardened Gentoo. |
11 |
> |
12 |
> Personally, I don't see the point in an ugly hack which occasionally |
13 |
> sort of protects you from badly written code... The option's there for |
14 |
> anyone who really wants it, but we tend more towards a "turn most |
15 |
> things off unless the user asks for them" approach, hence the |
16 |
> relatively low number of things turned on in the default USE settings. |
17 |
> |
18 |
> | Any comments? Would this be more suitable as a USE or a FEATURES |
19 |
> | setting? |
20 |
> |
21 |
> FEATURES, not USE. |
22 |
|
23 |
Depends, FEATURES are things that are done generally by portage while |
24 |
USE is for per-package things. And as far as I understand this is a |
25 |
request for per-package dependent behavior so it would be a USE thing. |
26 |
However, would this involve anything else than CLFAGS modifications? If |
27 |
not than I don't think it's worth another flag as per-package |
28 |
environment variables support for portage is already planned, so it |
29 |
would be pointless. |
30 |
|
31 |
Marius |
32 |
|
33 |
-- |
34 |
Public Key at http://www.genone.de/info/gpg-key.pub |
35 |
|
36 |
In the beginning, there was nothing. And God said, 'Let there be |
37 |
Light.' And there was still nothing, but you could see a bit better. |
38 |
|
39 |
-- |
40 |
gentoo-dev@g.o mailing list |