From: Markos Chandras
Date: Mon, 23 Jan 2012 20:48:16 +0000
Message-ID: <4F1DC790.50801@gentoo.org>
To: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] Re: Can we get PIE on all SUID binaries by default, por favor?
References: <1327346549.60706.35.camel@titan.home.flameeyes.eu> <1327347460.60706.44.camel@titan.home.flameeyes.eu>

On 01/23/2012 07:40 PM, Jason A. Donenfeld wrote:
>
> What I propose is just to /detect/ at merge-time whether or not
> there are SUID binaries that are not PIE, and if so, spit out a Q&A
> warning.
>
> That way, package maintainers could fix things up bit by bit,
> without having to burden you alone with tinderbox troubles.

This actually sounds a great idea. It is probably worth opening a feature
request for portage using our bugzilla.

--
Regards,
Markos Chandras / Gentoo Linux Developer / Key ID: B4AFF2C2
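An added sketch of the merge-time check proposed in the quoted text; it is not from this thread and is not portage code. It assumes the check is made on the ELF header's e_type field, treating ET_EXEC as non-PIE and ET_DYN as PIE. All function names are hypothetical and the sample image is constructed.

```python
import os
import stat
import struct
import sys
import tempfile

ET_EXEC, ET_DYN = 2, 3  # e_type values from the ELF specification

def elf_type(header):
    """Return e_type from the first 18 bytes of a file, or None if not ELF."""
    if len(header) < 18 or header[:4] != b"\x7fELF" or header[5] not in (1, 2):
        return None
    # e_ident[EI_DATA] (byte 5): 1 = little-endian, 2 = big-endian
    return struct.unpack_from("<H" if header[5] == 1 else ">H", header, 16)[0]

def is_suid_non_pie(mode, header):
    """True for a regular SUID file whose ELF type is ET_EXEC (fixed load address)."""
    return (stat.S_ISREG(mode) and bool(mode & stat.S_ISUID)
            and elf_type(header) == ET_EXEC)

def suid_non_pie(image_dir):
    """Walk an install image and list SUID ELF executables that are not PIE."""
    findings = []
    for root, _dirs, files in os.walk(image_dir):
        for name in files:
            path = os.path.join(root, name)
            mode = os.lstat(path).st_mode  # lstat: never follow symlinks
            if not (stat.S_ISREG(mode) and mode & stat.S_ISUID):
                continue
            with open(path, "rb") as f:
                if is_suid_non_pie(mode, f.read(18)):
                    findings.append(os.path.relpath(path, image_dir))
    return sorted(findings)

def make_sample_image():
    """Constructed sample: three fake 64-bit little-endian ELF headers in a temp dir."""
    root = tempfile.mkdtemp()
    os.mkdir(os.path.join(root, "bin"))
    for name, e_type, mode in (("legacy", ET_EXEC, 0o4755),   # SUID, non-PIE
                               ("hardened", ET_DYN, 0o4755),  # SUID, PIE
                               ("plain", ET_EXEC, 0o755)):    # non-PIE, not SUID
        path = os.path.join(root, "bin", name)
        with open(path, "wb") as f:
            f.write(b"\x7fELF\x02\x01\x01" + bytes(9) + struct.pack("<H", e_type))
        os.chmod(path, mode)
    return root

if __name__ == "__main__":
    image = sys.argv[1] if len(sys.argv) > 1 else make_sample_image()
    for rel in suid_non_pie(image):
        print(f"warning: SUID binary is not PIE: {rel}")
```

Run with an image directory as the first argument, or with no argument to scan the constructed sample.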