| 1 |
2011/10/20 Anthony G. Basile <blueness@g.o>: |
| 2 |
|
| 3 |
> USE=hardened refers to only toolchain hardening. The problems there are |
| 4 |
> mostly packages which break with PIE because they (ab)use assembly. |
| 5 |
> Things like virtualbox and some codecs. This can become a thorny mess. |
| 6 |
> |
| 7 |
> It would probably be nearly painless to bring in -D_FORTIFY_SOURCES=2 |
| 8 |
> and ssp into mainstream though. Packages which break because of either |
| 9 |
> of those two features are broken and should be fixed anyhow. |
| 10 |
> |
| 11 |
|
| 12 |
This sounds like good idea to do so, |
| 13 |
I would say that most hardened features should be merged to to main |
| 14 |
profile as soon as they won't cause major PITA for the regular users. |
| 15 |
|
| 16 |
Cheers |
| 17 |
|
| 18 |
Tom |
Archives