1 |
> |
2 |
> Ciaran, |
3 |
> |
4 |
> Go back and reread your own posts you seem to be contradicting yourself. |
5 |
> |
6 |
> If you have anything further constructive to add then lets hear it. Otherwise |
7 |
> changing the default CFLAGS in make.conf is the sensible way forward. Please |
8 |
> remember nobody is forcing you to stick to the default CFLAGS. |
9 |
> |
10 |
> I'm bored with this argument. |
11 |
> |
12 |
> Bart |
13 |
|
14 |
Regardless of what you, I, or anybody else thinks about security, |
15 |
wouldn't you agree it is a bad thing to include default CFLAGS in |
16 |
make.conf that potentially a) break compilations, b) impact performance, |
17 |
and/or c) introduce bug reports to upstream maintainers about why their |
18 |
program isn't building or working right, or why it is slow? |
19 |
|
20 |
I've spent time in #gentoo, and have seen how badly people break their |
21 |
CFLAGS. There is no point in helping them break their CFLAGS. Why not |
22 |
simply put a blurb about SSP in the install handbook detailing what |
23 |
those CFLAGS do, including the pros/cons. Then, new users can choose |
24 |
whether they want them or not. I think new users are far more likely to |
25 |
just add to the default CFLAGS instead of removing them. If they have |
26 |
read the docs and weighed out the potential benefits or problems, I |
27 |
think this is a much better situation than just adding them because you |
28 |
think that security should be the priority of every install. |
29 |
|
30 |
Steve |
31 |
|
32 |
|
33 |
-- |
34 |
gentoo-dev@g.o mailing list |