From: Sven Vermeulen <swift@gentoo.org>
To: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] Guidelines for dangerous USE flags
Date: Tue, 22 Aug 2017 17:37:51 +0000 [thread overview]
Message-ID: <20170822173751.GA18719@gentoo.org> (raw)
In-Reply-To: <17347fd7-d6ed-4c08-8d02-24df9237b576@gentoo.org>
On Tue, Aug 22, 2017 at 01:22:51PM -0400, Michael Orlitzky wrote:
> The net-analyzer/nrpe package has a ./configure flag:
>
> --enable-command-args allows clients to specify command arguments. ***
> THIS IS A SECURITY RISK! *** Read the SECURITY
> file before using this option!
>
> Back in nrpe-2.x, it was available via USE=command-args, but I dropped
> it from nrpe-3.x, and a user just asked about it (bug 628596). There are
> at least two things we could do with a dangerous flag like that:
>
> 1) require EXTRA_ECONF to enable it.
> 2) hide it behind a masked USE flag.
>
> Both options require about the same amount of work from the user, namely
> editing something under /etc/portage. What do y'all think is the best
> way to proceed? Are there other examples in the tree I could follow?
I like the masked USE flag approach. Using EXTRA_ECONF requires a bit more
work from the user (not much though) but is less visible afterwards in my
opinion.
Perhaps a name that implies that there is a security risk could be
interesting, but that's a minor suggestion.
Is there a way we could somehow ensure that a USE flag is never set
globally, but only on a per-package basis?
Wkr,
Sven Vermeulen
next prev parent reply other threads:[~2017-08-22 17:37 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-08-22 17:22 [gentoo-dev] Guidelines for dangerous USE flags Michael Orlitzky
2017-08-22 17:37 ` Sven Vermeulen [this message]
2017-08-24 3:06 ` [gentoo-dev] " Duncan
2017-08-29 9:21 ` Kent Fredric
2017-08-29 10:21 ` Duncan
2017-08-22 18:44 ` [gentoo-dev] " Robin H. Johnson
2017-08-24 15:22 ` Michael Orlitzky
2017-08-25 22:07 ` William Hubbs
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170822173751.GA18719@gentoo.org \
--to=swift@gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox