| 1 |
On Sun, 7 Nov 2004 13:18:24 +0000 Chris Bainbridge |
| 2 |
<chris.bainbridge@×××××.com> wrote: |
| 3 |
| On Sun, 7 Nov 2004 12:32:27 +0000, Ciaran McCreesh |
| 4 |
| <ciaranm@g.o> wrote: |
| 5 |
| > Get your facts straight before starting off on that again. This "run |
| 6 |
| > around like a headless chicken whenever someone says the word |
| 7 |
| > 'security'" mentality is getting rather tedious. |
| 8 |
| |
| 9 |
| I created bug #5902 (http://bugs.gentoo.org/show_bug.cgi?id=5902) on |
| 10 |
| 2/8/2002. There are a lot of people cc'd on that bug, and the severity |
| 11 |
| got upgraded to critical. Despite that the problem still exists over 2 |
| 12 |
| years later. Maybe you think that being concerned about such a |
| 13 |
| fundamental security problem in gentoo is "running around like a |
| 14 |
| headless chicken". I, however, disagree. |
| 15 |
|
| 16 |
Read context. -fstack-protector == headless chicken. I didn't say that |
| 17 |
eclass / ebuild signing was a bad idea. Heck, I've been signing ebuilds |
| 18 |
for longer than most of the people on our 'security' team. |
| 19 |
|
| 20 |
-- |
| 21 |
Ciaran McCreesh : Gentoo Developer (Vim, Fluxbox, Sparc, Mips) |
| 22 |
Mail : ciaranm at gentoo.org |
| 23 |
Web : http://dev.gentoo.org/~ciaranm |
Archives