From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: <gentoo-dev-return-16004-arch-gentoo-dev=gentoo.org@lists.gentoo.org> Received: (qmail 2076 invoked from network); 24 Sep 2004 06:34:05 +0000 Received: from smtp.gentoo.org (156.56.111.197) by lists.gentoo.org with AES256-SHA encrypted SMTP; 24 Sep 2004 06:34:05 +0000 Received: from lists.gentoo.org ([156.56.111.196] helo=parrot.gentoo.org) by smtp.gentoo.org with esmtp (Exim 4.41) id 1CAjef-0004Mh-Bf for arch-gentoo-dev@lists.gentoo.org; Fri, 24 Sep 2004 06:34:05 +0000 Received: (qmail 2962 invoked by uid 89); 24 Sep 2004 06:34:04 +0000 Mailing-List: contact gentoo-dev-help@gentoo.org; run by ezmlm Precedence: bulk List-Post: <mailto:gentoo-dev@gentoo.org> List-Help: <mailto:gentoo-dev-help@gentoo.org> List-Unsubscribe: <mailto:gentoo-dev-unsubscribe@gentoo.org> List-Subscribe: <mailto:gentoo-dev-subscribe@gentoo.org> List-Id: Gentoo Linux mail <gentoo-dev.gentoo.org> X-BeenThere: gentoo-dev@gentoo.org Received: (qmail 5045 invoked from network); 24 Sep 2004 06:34:04 +0000 Message-ID: <13cc2f78040923233419980824@mail.gmail.com> Date: Fri, 24 Sep 2004 02:34:01 -0400 From: Colin Kingsley <ckingsley@gmail.com> Reply-To: Colin Kingsley <ckingsley@gmail.com> To: gentoo-dev@lists.gentoo.org, gentoo-security@lists.gentoo.org In-Reply-To: <1096005720.12931.107.camel@simple> Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit References: <4151A04F.5090304@comcast.net> <41524A85.1020402@comcast.net> <1095917198.29656.64.camel@simple> <415289CF.7070708@gentoo.org> <4152D819.4070205@gentoo.org> <415392BD.1010905@comcast.net> <1096005720.12931.107.camel@simple> Subject: Re: [gentoo-dev] Re: Stack smash protected daemons X-Archives-Salt: e784c813-bad5-473d-a9d1-486c20042015 X-Archives-Hash: 8b16eafef24a01c5c5939a687c9c003c On Fri, 24 Sep 2004 02:02:00 -0400, Ned Ludd <solar@gentoo.org> wrote: > dammit are we over complicating this? > You guys seem to be hung up on silly USE/FEATURE flag names. > How about we as Ciaran McCreesh proposed just add it to CFLAGS by > default and deploy stages in such a manner. > Solves everything for most cases and leave the option up to the user to > disable if he/she wants to. I agree with that. The prospect of some complex FEATURES/USE system adding CFLAGS scares me. The issue of weather -fstack-protector in CFLAGS would take precedence over its addition or removal by FEATURES/USE related functions could get needlessly confusing, and adding it globally cant be that big a performance hit. Also, things get more confusing when you keep in mind that some users will want it globally while some will want it only on at-risk packages. I'd be all for a selective SSP system, but please, keep it simple. Colin -- gentoo-dev@gentoo.org mailing list