| 1 |
On Friday 22 May 2015 12:09:34 Alan McKinnon wrote: |
| 2 |
> On 22/05/2015 12:44, Mick wrote: |
| 3 |
> > On Friday 22 May 2015 09:38:46 Neil Bothwick wrote: |
| 4 |
> >> On Fri, 22 May 2015 02:53:17 -0500, Dale wrote: |
| 5 |
> >>>> So I'm the 3rd one in row to state that I haven't had any deleterious |
| 6 |
> >>>> effects that I noticed. |
| 7 |
> >> |
| 8 |
> >> Make that 4. |
| 9 |
> >> |
| 10 |
> >>> When I first emerge a new kernel, I run make mrproper to get a good |
| 11 |
> >>> clean start. |
| 12 |
> >> |
| 13 |
> >> There's no point in that. When you have just emerged the sources, there |
| 14 |
> >> is nothing for mrproper to remove. |
| 15 |
> > |
| 16 |
> > So, coming back to the OP, is it advisable to ignore this message: |
| 17 |
> No. It's in the ebuild and we assume the ebuild writer had a reason for |
| 18 |
> putting it there. The usual reason is that upstream has said their code |
| 19 |
> requires an option to be set. |
| 20 |
> |
| 21 |
> Where would you have gotten the idea that ignoring it is good advice? |
| 22 |
|
| 23 |
Because the emerge did not stop to warn me about it, or require me to |
| 24 |
acknowledge before proceeding. Furthermore it tells me that bad things may |
| 25 |
happen, but doesn't explain what kind of bad things, referring to a URL if |
| 26 |
space does not allow. At this stage I am guessing that chromium's sandboxing |
| 27 |
mechanism is changed and it now requires a different memory allocation |
| 28 |
mechanism than what I had previously configured in my kernel. Having to |
| 29 |
configure my kernel to get a browser working sounds quite intrusive so I am |
| 30 |
worried some more. |
| 31 |
|
| 32 |
Looking at the changelog and then at bugs referred to there, I eventually |
| 33 |
arrived at CVE-2015-1252 [1] where the problem is explained: |
| 34 |
|
| 35 |
In any case, I think that something like this should invite user input at the |
| 36 |
start of the ebuild, rather than at the end? I haven't figured out yet if I |
| 37 |
will need to reinstall chromium after I have reconfigured my kernel ... in |
| 38 |
which case the warning should definitely come at the start of the ebuild. |
| 39 |
|
| 40 |
[1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1252 |
| 41 |
|
| 42 |
-- |
| 43 |
Regards, |
| 44 |
Mick |
Archives