| 1 |
On 7/11/06, Willie Wong <wwong@×××××××××.edu> wrote: |
| 2 |
> 1. nv still doesn't do 3D acceleration, right? |
| 3 |
|
| 4 |
Yes. |
| 5 |
|
| 6 |
> 2. Is there more information about what "more harm than good" means? |
| 7 |
> I tried googling but the only thing I found was a commit log on |
| 8 |
> solar's website with a one-liner about p.masking nvidia-kernel. I |
| 9 |
> want to know what kind of problems that nvidia drivers incur so I |
| 10 |
> can decided whether to give up 3D acceleration, the hardened |
| 11 |
> profile, or ignore solar's advice and unmask the packages. |
| 12 |
|
| 13 |
Well, see what the hardened handbook has to say about binary drivers and x.org: |
| 14 |
http://www.gentoo.org/proj/en/hardened/hardenedxorg.xml#doc_chap4 |
| 15 |
|
| 16 |
I also found this bug: |
| 17 |
http://bugs.gentoo.org/show_bug.cgi?id=139047 |
| 18 |
|
| 19 |
There may also be a valid security concern with binary-only kernel |
| 20 |
modules: since they cannot be audited for security, one should assume |
| 21 |
that they are horribly insecure. Any exploit here could comprimise |
| 22 |
the entire system, so one could argue they are totally inappropriate |
| 23 |
for a 'hardened' system. |
| 24 |
|
| 25 |
> 3. Is this (the fact that I am running a hardened profile) the reason |
| 26 |
> that if I 'emerge --pretend --update xorg-x11 --verbose', among the |
| 27 |
> list of VIDEO_CARDS options displayed, I do not see nvidia? |
| 28 |
|
| 29 |
That is correct. video_cards_nvidia is in the hardened profile's use.mask. |
| 30 |
|
| 31 |
-Richard |
| 32 |
-- |
| 33 |
gentoo-user@g.o mailing list |
Archives