From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1N2rC5-0004P5-1D for garchives@archives.gentoo.org; Tue, 27 Oct 2009 18:54:57 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 6C9FAE08F9; Tue, 27 Oct 2009 18:53:42 +0000 (UTC) Received: from mail-ew0-f206.google.com (mail-ew0-f206.google.com [209.85.219.206]) by pigeon.gentoo.org (Postfix) with ESMTP id 2B890E08F9 for ; Tue, 27 Oct 2009 18:53:42 +0000 (UTC) Received: by ewy2 with SMTP id 2so12967ewy.34 for ; Tue, 27 Oct 2009 11:53:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:content-type :content-transfer-encoding; bh=a4rP7KazynjQwmJBaHQ8JodJNvGvQChC8PEeiGZZf1c=; b=h4dyGplzoBpKny+ryoHkyb/0z5QbeaZ89rRZgLX7eVoAY71rrk8X/NNV4sPMaS7mL2 Wpl02v/aiOLiFnQWNrEuLvQobmvpalS3FaJTAy5/XT2k2xn1zcerpIiT0rlu8LKiRDnS GcSABo1mpR8/eI2idSNHHI0s+O4ZIDodqZzFU= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; b=DCFYwEmsKK1k0yg+MCMaEMUVlAiE7VGS8ES2CVaYKeHbQ3BItH8Xi73nChvktT8vGd myzjrHTn1JmgWfDGsyuKCszEzoRU+cjawNsdUfqkIecx1ruGYruElI3//RwVr53Egtwy MOX5vWPCGMk+nhSDAT7D/aoBcElvFW6QEd88g= Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-hardened@lists.gentoo.org Reply-to: gentoo-hardened@lists.gentoo.org MIME-Version: 1.0 Received: by 10.211.154.18 with SMTP id g18mr2173816ebo.65.1256669621673; Tue, 27 Oct 2009 11:53:41 -0700 (PDT) In-Reply-To: <4ADB623D.4040204@orlitzky.com> References: <49bf44f10910180842t3d34efd5h20af2a937d75bb1c@mail.gmail.com> <4ADB623D.4040204@orlitzky.com> Date: Tue, 27 Oct 2009 11:53:41 -0700 Message-ID: <49bf44f10910271153p76c152edw2f839c134e467117@mail.gmail.com> Subject: Re: [gentoo-hardened] gcc-4.3.4 stabilized for a hardened profile? From: Grant To: gentoo-hardened@lists.gentoo.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Archives-Salt: fe83c711-4e86-46e1-bee3-21beed6aee3a X-Archives-Hash: f509aa84ea49e205c9a61ebbd0e2b2ae >> I've been stuck on gcc-3.4.6 on my hardened profile system (currently: >> hardened/linux/amd64/10.0) for a very long time. =A0Now it looks like >> gcc-4.3.4 has been stabilized for hardened profiles. =A0Has anyone >> tested it? =A0This system is critical for me, so I've got to be careful. >> >> - Grant >> > > A lot of us have been testing the new GCC for a while now using the > hardened-development overlay. It's as stable as 3.4.x was in my experienc= e. > > About a year and a half ago, I reformatted a laptop and started from scra= tch > using gcc-4.x from the overlay, because what the hell. Many issues from t= he > gcc-3.x era actually cleared up with the new toolchain. Once I convinced > myself that things were working correctly, I began to migrate "real" syst= ems > to the development GCC one at a time. > > All of my personal machines are using gcc-4.x, and things work much bette= r > on the desktop than they did with gcc-3.x. Many of our servers have also > been migrated: web, database, dns, mail, monitoring, firewall, etc. all w= ork > fine. I have noticed absolutely no difference (either positive or negativ= e) > on those machines. > > In short, switching your default compiler with gcc-config isn't going to > change anything. Test any new packages/upgrades just as you would have wi= th > gcc-3.x. That's great. I'm up against a mysql upgrade that doesn't want to go through without the new gcc, so I'm going for it now. I have 4 desktops on a non-hardened profile and 1 server on a hardened profile. I'd love to put the desktops on a hardened profile with this new gcc. Can I switch from non-hardened to hardened? - Grant