1 |
On Fri, 8 Jun 2012 16:07:56 +0100 |
2 |
Jorge Martínez López <jorgeml@×××××.com> wrote: |
3 |
|
4 |
> Hi there! |
5 |
> |
6 |
> I run Hardened in my desktop and it mostly works. |
7 |
> |
8 |
> When I switched profiles I looked at which use flags changed using |
9 |
> "emerge -pudvN world" and then I enabled them manually using ufed. |
10 |
> |
11 |
> With Hardened forget using Skype. PaX will kill multimedia |
12 |
> applications such as Totem, use paxctl to solve this. I have some |
13 |
> issues with Phython applications such as Gwibber and Hotot, the only |
14 |
> way to solve it seems to use paxctl with the python binary, which I am |
15 |
> not willing to. |
16 |
> |
17 |
> Greetings, |
18 |
|
19 |
+1 for using Hardened as a desktop. Skype should work with PaX now; |
20 |
it used to need an exact paxctl command to get running but its ebuild |
21 |
now sets that. |
22 |
|
23 |
Is there a nice way that you can un-pax-mark Python(/etc.) through |
24 |
Portage, or do you have to do it manually? (And does that horribly |
25 |
break Portage?) Personally I'm a little concerned about the Firefox + |
26 |
Chromium pax-marks; one day I'll get grsec set up... |
27 |
|
28 |
It would be nice if there were desktop Hardened profiles though. The |
29 |
only reason I maintain a full set of USE flags in make.conf is so that |
30 |
it is portable between hardened and regular. |
31 |
|
32 |
Cheers, |
33 |
Bryan |