On Thu, 09 Jan 2014 17:29:26 -0500
"Rick \"Zero_Chaos\" Farina" <zerochaos@gentoo.org> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On 01/09/2014 05:21 PM, Michał Górny wrote:
> > Dnia 2014-01-09, o godz. 17:06:52
> > "Anthony G. Basile" <blueness@gentoo.org> napisał(a):
> > 
> >> On 01/09/2014 04:57 PM, Pacho Ramos wrote:
> >>> What are the advantages of disabling SSP to deserve that "special"
> >>> handling via USE flag or easily disabling it appending the flag?
> >>
> >> There are some cases where ssp could break things.  I know of once case 
> >> right now, but its somewhat exotic.  Also, sometimes we *want* to break 
> >> things for testing.  I'm thinking here of instance where we want to test 
> >> a pax hardened kernel to see if it catches abuses of memory which would 
> >> otherwise be caught by executables emitted from a hardened toolchain.  
> >> Take a look at the app-admin/paxtest suite.
> > 
> > Just to be clear, are we talking about potential system-wide breakage
> > or single, specific packages being broken by SSP? In other words, are
> > there cases when people will really want to disable SSP completely?
> > 
> > Unless I'm misunderstanding something, your examples sound like you
> > just want -fno-stack-protector per-package. I don't really think you
> > actually want to rebuild whole gcc just to do some testing on a single
> > package...
> > 
> Or just as easily set -fno-stack-protector in CFLAGS in make.conf.
> 
> I never felt manipulating cflags with use flags was a great idea, but in
> this case is does feel extra pointless.
> 
> Personally I don't feel this is needed, and the added benefit of
> clearing up a bogus "noblah" use flag makes me smile.
> 
> Zorry, do we really need this flag?

Yes, we do.  I want a way to disable it at a toolchain level.


-- 
Ryan Hill                        psn: dirtyepic_sk
   gcc-porting/toolchain/wxwidgets @ gentoo.org

47C3 6D62 4864 0E49 8E9E  7F92 ED38 BD49 957A 8463