1 |
> |
2 |
> OK so who has a mips you can test it on? |
3 |
|
4 |
I've got 2 working mips machines. The problem is, they are very busy |
5 |
being used to fulfill my obligations for being in charge of X11 stuff on |
6 |
mips. |
7 |
|
8 |
> |
9 |
> | |
10 |
> | So then, are you volunteering to build mips stages with SSP to prove |
11 |
> | that it works for certain? We really don't have the manpower to do that |
12 |
> | currently. Are you going to answer to any bug reports we would get if |
13 |
> | this is implemented? |
14 |
> | |
15 |
> | Also, in terms of "researching" this problem, do you realize you just |
16 |
> | told the Gentoo/sparc strategic manager that he doesn't know anything |
17 |
> | about his own arch? "No! you're wrong! SSP does work on your arch!" |
18 |
> |
19 |
> "And ssp is supposed to be portable. Etoh and Yoda's paper[1] says that |
20 |
> The IBM stack smash protection method (ProPolice) is CPU and OS |
21 |
> independent[2]. I think that you'd be within reason to complain to them |
22 |
> if it didn't work accross all archs." |
23 |
> |
24 |
> I never gave you my personal guarantee, I said based on research and on |
25 |
> what the maintainers say, it should; and that if it doesn't then it's |
26 |
> something they (not you) need to fix. I do like to think that people |
27 |
> don't lie about their software, at the very least not intentionally. |
28 |
> |
29 |
> Obviously if it breaks on X arch, you disable it there. |
30 |
|
31 |
Again, just because they say it theoretically works, doesn't mean it |
32 |
will in practice. See Weeve's reply to your last email. |
33 |
|
34 |
> |
35 |
> | Reminds me of arguments I've had with people that tried to tell me (I'm |
36 |
> | a geologist) the Earth is only 7000 years old because the bible says so. |
37 |
> | I suggest you pull your head out of the collective x86 ass. The |
38 |
> | non-x86 arch teams have enough breakage to deal with without introducing |
39 |
> | another layer of potential brokenness. |
40 |
> |
41 |
> I was considering more than x86, else I'd have asked you why the hell it |
42 |
> needs to be cross-arch. I use x86_64 mainly, although I guess that |
43 |
> counts as x86 huh? (the amd64 caabal doesn't seem to agree :>) In this |
44 |
> case the architectural similarities put them in the same class. |
45 |
> |
46 |
> Still, I figured they meant "alpha sparc mips arm sh4 windows dos macos |
47 |
> aix unix linux" when they said CPU and OS independent. |
48 |
|
49 |
See Weeve's argument about toolchain problems in more exotic arches. |
50 |
|
51 |
> |
52 |
> | |
53 |
> | I still don't understand why we can't simply place a blurb in the |
54 |
> | install handbook as I suggested before. It is always much easier to add |
55 |
> | something than take it away in this circumstance. If a user *really* |
56 |
> | wants that functionality, they'll add it in. If a user *really* doesn't |
57 |
> | want it, but it is on by default, they will have to rebuild their whole |
58 |
> | userland, which on machines such a those supported by the mips port |
59 |
> | would be *extremely* painful. |
60 |
> | |
61 |
> |
62 |
> It's a design decision still. If you supply a non-SSP userland in your |
63 |
> stages, the user has to start from stage 1 (not 2 or 3) to get SSP. If |
64 |
> you supply an SSP userland in the stages, the user has to start from |
65 |
> stage 1 to remove it. The hardened stages come with PIE-SSP, but what |
66 |
> if the user doesn't want a full hardened system (i.e. pie and the |
67 |
> hardened profile)? Obviously you don't want to waste more space on the |
68 |
> mirrors supplying non-ssp/ssp/pie-ssp-selinux stages for each arch. |
69 |
|
70 |
First of all, we don't have hardened stages for mips. But anyway, I |
71 |
would contend that those users who would want SSP are those hardcore |
72 |
enough to start from a stage1 or stage2 on a mips box (installs can |
73 |
become a weeklong affair in some cases). |
74 |
|
75 |
> |
76 |
> Why not take a poll of the user base, and ask if SSP should be on by |
77 |
> default or not? |
78 |
> |
79 |
|
80 |
Sure...why don't we also poll the user base if reiserfs 4 should be the |
81 |
default fs of Gentoo? The point here is that sometimes the developers |
82 |
know better. |
83 |
|
84 |
Steve |
85 |
|
86 |
|
87 |
|
88 |
-- |
89 |
gentoo-dev@g.o mailing list |