| 1 |
On Fri, 8 Jun 2012 16:07:56 +0100 |
| 2 |
Jorge Martínez López <jorgeml@×××××.com> wrote: |
| 3 |
|
| 4 |
> Hi there! |
| 5 |
> |
| 6 |
> I run Hardened in my desktop and it mostly works. |
| 7 |
> |
| 8 |
> When I switched profiles I looked at which use flags changed using |
| 9 |
> "emerge -pudvN world" and then I enabled them manually using ufed. |
| 10 |
> |
| 11 |
> With Hardened forget using Skype. PaX will kill multimedia |
| 12 |
> applications such as Totem, use paxctl to solve this. I have some |
| 13 |
> issues with Phython applications such as Gwibber and Hotot, the only |
| 14 |
> way to solve it seems to use paxctl with the python binary, which I am |
| 15 |
> not willing to. |
| 16 |
> |
| 17 |
> Greetings, |
| 18 |
|
| 19 |
+1 for using Hardened as a desktop. Skype should work with PaX now; |
| 20 |
it used to need an exact paxctl command to get running but its ebuild |
| 21 |
now sets that. |
| 22 |
|
| 23 |
Is there a nice way that you can un-pax-mark Python(/etc.) through |
| 24 |
Portage, or do you have to do it manually? (And does that horribly |
| 25 |
break Portage?) Personally I'm a little concerned about the Firefox + |
| 26 |
Chromium pax-marks; one day I'll get grsec set up... |
| 27 |
|
| 28 |
It would be nice if there were desktop Hardened profiles though. The |
| 29 |
only reason I maintain a full set of USE flags in make.conf is so that |
| 30 |
it is portable between hardened and regular. |
| 31 |
|
| 32 |
Cheers, |
| 33 |
Bryan |
Archives