| 1 |
On Wed, 22 Sep 2004 11:54:55 -0400 John Richard Moser |
| 2 |
<nigelenki@×××××××.net> wrote: |
| 3 |
| I believe it would be a good idea to have such a FEATURES or USE flag |
| 4 |
| on by default in all profiles where SSP is supported. In this manner, |
| 5 |
| the major targets of security attacks would automatically be |
| 6 |
| protected; while still allowing the user to disable the protection if |
| 7 |
| the user desires. Users wanting more protection can simply add |
| 8 |
| -fstack-protector to CFLAGS, or use Hardened Gentoo. |
| 9 |
|
| 10 |
Personally, I don't see the point in an ugly hack which occasionally |
| 11 |
sort of protects you from badly written code... The option's there for |
| 12 |
anyone who really wants it, but we tend more towards a "turn most things |
| 13 |
off unless the user asks for them" approach, hence the relatively low |
| 14 |
number of things turned on in the default USE settings. |
| 15 |
|
| 16 |
| Any comments? Would this be more suitable as a USE or a FEATURES |
| 17 |
| setting? |
| 18 |
|
| 19 |
FEATURES, not USE. |
| 20 |
|
| 21 |
-- |
| 22 |
Ciaran McCreesh : Gentoo Developer (Sparc, MIPS, Vim, Fluxbox) |
| 23 |
Mail : ciaranm at gentoo.org |
| 24 |
Web : http://dev.gentoo.org/~ciaranm |
Archives