On Thu, 23 Sep 2004 16:28:13 -0400 Ned Ludd <solar@gentoo.org> wrote:
| But the disadvantage here is that we have to explicitly add said USE
| flag to the profiles (which you know a certain somebody might come
| right in and disable it) unless we rename said flag/feature (cuz you
| don't want "no"flags) to something like USE=idiot then the logic in
| ebuilds could work as. use idiot || append-flags -fstack-protector 
| Or perhaps even following in the footsteps of x11-base/xorg which has
| "insecure-drivers" but maybe using the name "insecure-cflags"

They're not 'insecure' CFLAGS. Adding -fstack-protector does not make
your code "more secure". It means that if you have insecure code, you
may or may not suffer reduced consequences if someone tries to do nasty
things to your box.

Also, make sure it's a "use foo &&" style flag, otherwise it can't be
masked where necessary. "use foo ||" things break use.mask.

-- 
Ciaran McCreesh : Gentoo Developer (Sparc, MIPS, Vim, Fluxbox)
Mail            : ciaranm at gentoo.org
Web             : http://dev.gentoo.org/~ciaranm