On Thu, 24 Aug 2017 03:06:13 +0000 (UTC)
Duncan <1i5t5.duncan@cox.net> wrote:

> nrpe-command-args-SECURITY-HOLE
> or just
> nrpe-GAPING-SECURITY-HOLE

That's probably excessive, if you set that USE flag globally, you
deserve what you get.

And if you are responsible and you know what you're getting, then you
should be allowed to do that ( even though I struggle to understand why
)

For everything else there are etc/portage/package.use

Or maybe it could be a required-use:

REQUIRED_USE="nrpe? ( GAPING_SECURITY_HOLE )"

Alternatively, you could have a pkg_pretend like:

pkg_pretend() {
   if [[use nrpe && ! has "${CATEGORY}/${PN}" "${GAPING_SECURITY_HOLE}" ]]; then
     einfo "nrpe feature introduces a security risk where in blah blah"
     einfo "     blah, please read https://wiki.gentoo.org/etc/etc for"
     einfo "     details and how to enable this"
     die "Security Hole Not Permitted"
   fi
}

But I say that only because current REQUIRED_USE feature makes it nigh
impossible to understand from a human perspective what that assertion
means.