| 1 |
On 04/21/2012 07:05 AM, Anthony G. Basile wrote: |
| 2 |
> Hi everyone, |
| 3 |
> |
| 4 |
> I'd like to remove USE="-unicode" from make.defaults at the root level |
| 5 |
> of all hardened profiles. The request came from jmbsvicetto because he |
| 6 |
> required it for the hardened stages to build, but to be honest, I don't |
| 7 |
> know why we have it disabled in hardened and its probably leftover cruft |
| 8 |
> from days gone by. |
| 9 |
> |
| 10 |
> Any reason not to, else its gone. |
| 11 |
> |
| 12 |
> |
| 13 |
|
| 14 |
A few of our servers have it enabled (http, mail), but others don't |
| 15 |
(vpn, firewall, nagios). |
| 16 |
|
| 17 |
I think the hardened profile should default to having stuff disabled, |
| 18 |
unless there's a reason to enable it. Every little bit increases your |
| 19 |
surface area. |
| 20 |
|
| 21 |
But I'm sure jmbsvicetto knows what he's doing, so that principle may |
| 22 |
not apply here. If it's required, turn it on. |
Archives