| 1 |
> |
| 2 |
> OK so who has a mips you can test it on? |
| 3 |
|
| 4 |
I've got 2 working mips machines. The problem is, they are very busy |
| 5 |
being used to fulfill my obligations for being in charge of X11 stuff on |
| 6 |
mips. |
| 7 |
|
| 8 |
> |
| 9 |
> | |
| 10 |
> | So then, are you volunteering to build mips stages with SSP to prove |
| 11 |
> | that it works for certain? We really don't have the manpower to do that |
| 12 |
> | currently. Are you going to answer to any bug reports we would get if |
| 13 |
> | this is implemented? |
| 14 |
> | |
| 15 |
> | Also, in terms of "researching" this problem, do you realize you just |
| 16 |
> | told the Gentoo/sparc strategic manager that he doesn't know anything |
| 17 |
> | about his own arch? "No! you're wrong! SSP does work on your arch!" |
| 18 |
> |
| 19 |
> "And ssp is supposed to be portable. Etoh and Yoda's paper[1] says that |
| 20 |
> The IBM stack smash protection method (ProPolice) is CPU and OS |
| 21 |
> independent[2]. I think that you'd be within reason to complain to them |
| 22 |
> if it didn't work accross all archs." |
| 23 |
> |
| 24 |
> I never gave you my personal guarantee, I said based on research and on |
| 25 |
> what the maintainers say, it should; and that if it doesn't then it's |
| 26 |
> something they (not you) need to fix. I do like to think that people |
| 27 |
> don't lie about their software, at the very least not intentionally. |
| 28 |
> |
| 29 |
> Obviously if it breaks on X arch, you disable it there. |
| 30 |
|
| 31 |
Again, just because they say it theoretically works, doesn't mean it |
| 32 |
will in practice. See Weeve's reply to your last email. |
| 33 |
|
| 34 |
> |
| 35 |
> | Reminds me of arguments I've had with people that tried to tell me (I'm |
| 36 |
> | a geologist) the Earth is only 7000 years old because the bible says so. |
| 37 |
> | I suggest you pull your head out of the collective x86 ass. The |
| 38 |
> | non-x86 arch teams have enough breakage to deal with without introducing |
| 39 |
> | another layer of potential brokenness. |
| 40 |
> |
| 41 |
> I was considering more than x86, else I'd have asked you why the hell it |
| 42 |
> needs to be cross-arch. I use x86_64 mainly, although I guess that |
| 43 |
> counts as x86 huh? (the amd64 caabal doesn't seem to agree :>) In this |
| 44 |
> case the architectural similarities put them in the same class. |
| 45 |
> |
| 46 |
> Still, I figured they meant "alpha sparc mips arm sh4 windows dos macos |
| 47 |
> aix unix linux" when they said CPU and OS independent. |
| 48 |
|
| 49 |
See Weeve's argument about toolchain problems in more exotic arches. |
| 50 |
|
| 51 |
> |
| 52 |
> | |
| 53 |
> | I still don't understand why we can't simply place a blurb in the |
| 54 |
> | install handbook as I suggested before. It is always much easier to add |
| 55 |
> | something than take it away in this circumstance. If a user *really* |
| 56 |
> | wants that functionality, they'll add it in. If a user *really* doesn't |
| 57 |
> | want it, but it is on by default, they will have to rebuild their whole |
| 58 |
> | userland, which on machines such a those supported by the mips port |
| 59 |
> | would be *extremely* painful. |
| 60 |
> | |
| 61 |
> |
| 62 |
> It's a design decision still. If you supply a non-SSP userland in your |
| 63 |
> stages, the user has to start from stage 1 (not 2 or 3) to get SSP. If |
| 64 |
> you supply an SSP userland in the stages, the user has to start from |
| 65 |
> stage 1 to remove it. The hardened stages come with PIE-SSP, but what |
| 66 |
> if the user doesn't want a full hardened system (i.e. pie and the |
| 67 |
> hardened profile)? Obviously you don't want to waste more space on the |
| 68 |
> mirrors supplying non-ssp/ssp/pie-ssp-selinux stages for each arch. |
| 69 |
|
| 70 |
First of all, we don't have hardened stages for mips. But anyway, I |
| 71 |
would contend that those users who would want SSP are those hardcore |
| 72 |
enough to start from a stage1 or stage2 on a mips box (installs can |
| 73 |
become a weeklong affair in some cases). |
| 74 |
|
| 75 |
> |
| 76 |
> Why not take a poll of the user base, and ask if SSP should be on by |
| 77 |
> default or not? |
| 78 |
> |
| 79 |
|
| 80 |
Sure...why don't we also poll the user base if reiserfs 4 should be the |
| 81 |
default fs of Gentoo? The point here is that sometimes the developers |
| 82 |
know better. |
| 83 |
|
| 84 |
Steve |
| 85 |
|
| 86 |
|
| 87 |
|
| 88 |
-- |
| 89 |
gentoo-dev@g.o mailing list |
Archives