| 1 |
On сб, 2004-09-25 at 20:26, Bart Lauwers wrote: |
| 2 |
> -----BEGIN PGP SIGNED MESSAGE----- |
| 3 |
> Hash: SHA1 |
| 4 |
> |
| 5 |
> Having read the whole thread here are some I feel important points to be made: |
| 6 |
> 1) Safety is important, it should be our aim to have our default system as |
| 7 |
> secure as it possibly could be. Just look at the reviews some OS providers |
| 8 |
> get over security. A good computer system should be protected against bad |
| 9 |
> code as much as possible. |
| 10 |
> 2) The risk is real and errors against this seem common. |
| 11 |
> 3) A good housefather does not leave the front door of any home open at |
| 12 |
> night. |
| 13 |
> 4) Protection is possible/available (to a degree) at system level. |
| 14 |
> 5) most people prefer to know they can have a reasonable trust in their |
| 15 |
> computer system to operate reliably and consistently by default |
| 16 |
> |
| 17 |
> Here are some of the things not to like about what is proposed so far: |
| 18 |
> 1) Adjusting all ebuilds (not very productive, only adds clutter to ebuilds) |
| 19 |
> 2) Making new features, use flags whatever (same idea) |
| 20 |
> 3) Not doing anything would not be very responsible |
| 21 |
> |
| 22 |
> What I propose to do (pick the low hanging fruit): |
| 23 |
> 1) Add stack protector and and any similar 'features' stable in hardened to |
| 24 |
> the default CLFAGS of the gentoo install/profiles. By stable I mean things |
| 25 |
> which do not break the majority of functionality. |
| 26 |
> 2) broken ebuilds can filter-flags until fixed (better approach since you are |
| 27 |
> only fixing up ebuilds for broken stuff and may also prompt the devs to try |
| 28 |
> and make the protection work). |
| 29 |
> 3) People who prefer not to be protected can remove the settings from their |
| 30 |
> CFLAGS |
| 31 |
> 4) get stuff virus, spam, etc protection functional and leveraged into the |
| 32 |
> defaults in other words turn on those USE flags in the standard profiles |
| 33 |
> |
| 34 |
> A personal opinion: |
| 35 |
> Anyone who thinks that a speed tradeoff is too much for better protection is |
| 36 |
> crazy. Do us all a favor and play a go night of russian roulette by yourself |
| 37 |
> to get your thrills. |
| 38 |
> |
| 39 |
> There's more to be said on security but I feel too lazy right now to type it |
| 40 |
> so if this isn't convinving you let us know. |
| 41 |
> |
| 42 |
> Cheers, |
| 43 |
> Bart |
| 44 |
> -----BEGIN PGP SIGNATURE----- |
| 45 |
> Version: GnuPG v1.2.4 (GNU/Linux) |
| 46 |
> |
| 47 |
> iD8DBQFBVapCBmJog5qpEKkRAriBAJ4zdBT49QVTvtGrkaXM1XqabfThdQCfdanA |
| 48 |
> xZCyMyIV3+yu+sYf6fVHDuw= |
| 49 |
> =FTfe |
| 50 |
> -----END PGP SIGNATURE----- |
| 51 |
> |
| 52 |
> -- |
| 53 |
> gentoo-dev@g.o mailing list |
| 54 |
> |
| 55 |
Hi, |
| 56 |
Totally agree here. |
| 57 |
1.Best is enable for all minus broken ones till fixed. |
| 58 |
2.Some sort of beginning is needed and think that's easiest and most |
| 59 |
balanced path. Also for the devs. NO USE or FEATURES. |
| 60 |
PS: plus a comment in make.conf for its purpose and a way to disable if |
| 61 |
somebody wishes. |
| 62 |
Thanks |
| 63 |
Rumen |
Archives