From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-dev+bounces-81976-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id 838761396D0
	for <garchives@archives.gentoo.org>; Tue, 29 Aug 2017 10:22:10 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 821BDE0ED0;
	Tue, 29 Aug 2017 10:22:03 +0000 (UTC)
Received: from blaine.gmane.org (unknown [195.159.176.226])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 2791CE0E08
	for <gentoo-dev@lists.gentoo.org>; Tue, 29 Aug 2017 10:22:03 +0000 (UTC)
Received: from list by blaine.gmane.org with local (Exim 4.84_2)
	(envelope-from <lnx-gentoo-dev@m.gmane.org>)
	id 1dmdeV-0007qf-2u
	for gentoo-dev@lists.gentoo.org; Tue, 29 Aug 2017 12:21:47 +0200
X-Injected-Via-Gmane: http://gmane.org/
To: gentoo-dev@lists.gentoo.org
From: Duncan <1i5t5.duncan@cox.net>
Subject: [gentoo-dev] Re: Guidelines for dangerous USE flags
Date: Tue, 29 Aug 2017 10:21:28 +0000 (UTC)
Message-ID: <pan$b2c1b$a5c3d588$9808626a$30020d4f@cox.net>
References: <17347fd7-d6ed-4c08-8d02-24df9237b576@gentoo.org>
	<20170822173751.GA18719@gentoo.org>
	<pan$31fa8$2869469$a0faf664$62b090b8@cox.net>
	<20170829211332.61f19e10@katipo2.lan>
Precedence: bulk
List-Post: <mailto:gentoo-dev@lists.gentoo.org>
List-Help: <mailto:gentoo-dev+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-dev+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-dev+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-dev.gentoo.org>
X-BeenThere: gentoo-dev@lists.gentoo.org
Reply-to: gentoo-dev@lists.gentoo.org
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Complaints-To: usenet@blaine.gmane.org
User-Agent: Pan/0.143 (Quaint little villages here and there; caf13eb07)
X-Archives-Salt: 5928659d-e8d6-4150-a290-ac6b807857f6
X-Archives-Hash: c480abcb56e7af5e36a7b9b934d78188

Kent Fredric posted on Tue, 29 Aug 2017 21:21:09 +1200 as excerpted:

> On Thu, 24 Aug 2017 03:06:13 +0000 (UTC)
> Duncan <1i5t5.duncan@cox.net> wrote:
> 
>> nrpe-command-args-SECURITY-HOLE or just nrpe-GAPING-SECURITY-HOLE
> 
> That's probably excessive, if you set that USE flag globally, you
> deserve what you get.
> 
> And if you are responsible and you know what you're getting, then you
> should be allowed to do that ( even though I struggle to understand why
> )

Good point.

(And the global-use "why" might conceivably be creating a deliberate 
multiple-vulnerability distro for people to test their exploit abilities 
and techniques on, like the one I remember reading about awhile back.  
Unfortunately IDR the name, but someone will likely reply with it...)

-- 
Duncan - List replies preferred.   No HTML msgs.
"Every nonfree program has a lord, a master --
and if you use the program, he is your master."  Richard Stallman