From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-project+bounces-3573-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (unknown [208.92.234.80])
	by finch.gentoo.org (Postfix) with ESMTP id 4DB771381FA
	for <garchives@archives.gentoo.org>; Sat, 10 May 2014 15:51:07 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id C8193E0A83;
	Sat, 10 May 2014 15:51:06 +0000 (UTC)
Received: from mail-ve0-f177.google.com (mail-ve0-f177.google.com [209.85.128.177])
	(using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 3F96FE0A63
	for <gentoo-project@lists.gentoo.org>; Sat, 10 May 2014 15:51:06 +0000 (UTC)
Received: by mail-ve0-f177.google.com with SMTP id db11so6688908veb.22
        for <gentoo-project@lists.gentoo.org>; Sat, 10 May 2014 08:51:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:sender:in-reply-to:references:date:message-id:subject
         :from:to:content-type;
        bh=ep8oLSCWfX1st1B6Ph0VQbfasMIsVOxHxcVOo2xLxMY=;
        b=p/ED6p0c+wcs2LNwnGCN4pK+dSxTAgsIsgJJHWAJuFJgG+PunAxARC/RA5FQn9H+iW
         lCVw3P+UXzG7s5wAwJ9e/i/u01dd/G41GjT+nUUmx8SPs8281P0mim+NqdUiyUwAuOz0
         fkA1fiiALRnZzt7GfdkOCSvCWleTmdMQwdIL3FKUMAIW8wxrjMZjRRd/yBollwtqsBqi
         FBAaHTFCu5fsYhGRlY+JaD02WzTfwJrw2NlYXhTqLPqrhFrMKHMhfbOtXJnMXGp95EGU
         5YTEBOMH5hoxkehUIZxM6tiq6sXn0mkKLfHEmXcDsRJWQ85b0CkcpKd2S8g/w+cZOngm
         xlTQ==
Precedence: bulk
List-Post: <mailto:gentoo-project@lists.gentoo.org>
List-Help: <mailto:gentoo-project+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-project+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-project+subscribe@lists.gentoo.org>
List-Id: Gentoo Project discussion list <gentoo-project.gentoo.org>
X-BeenThere: gentoo-project@lists.gentoo.org
Reply-To: gentoo-project@lists.gentoo.org
MIME-Version: 1.0
X-Received: by 10.220.92.135 with SMTP id r7mr13616138vcm.11.1399737065610;
 Sat, 10 May 2014 08:51:05 -0700 (PDT)
Sender: freemanrich@gmail.com
Received: by 10.52.53.201 with HTTP; Sat, 10 May 2014 08:51:05 -0700 (PDT)
In-Reply-To: <536E48AD.3060007@gentoo.org>
References: <CAGfcS_n-u9T7xec7YGumsnkMXRRnHWQ2i+3SEha+69veSP--WQ@mail.gmail.com>
	<CAGfcS_nc5DRqy5urW9WjqgD2EKvmc5Ls7Pee2h4Z73xpnx0Q9Q@mail.gmail.com>
	<CAKmKYaDLUA2QzjyyBp1GV1sT+oHYdNDuT8+DU7qq6DvcYuK0cQ@mail.gmail.com>
	<robbat2-20140510T024653-854771520Z@orbis-terrarum.net>
	<536DC13A.4050606@gentoo.org>
	<536E48AD.3060007@gentoo.org>
Date: Sat, 10 May 2014 11:51:05 -0400
X-Google-Sender-Auth: YBFYiDQAtm5vHPMl9Tn6RPaTigY
Message-ID: <CAGfcS_=yYmzvxXM4Eq8fADDY-8tqhqd5nWKkWD+mV6m6kBQEkQ@mail.gmail.com>
Subject: Re: [gentoo-project] Re: Call For Agenda Items - 13 May 2014
From: Rich Freeman <rich0@gentoo.org>
To: gentoo-project@lists.gentoo.org
Content-Type: text/plain; charset=UTF-8
X-Archives-Salt: cbd6cf29-fc4c-4e81-b66e-70cabae867da
X-Archives-Hash: d02f19b55bb9d838245bb1ad102397bd

On Sat, May 10, 2014 at 11:41 AM, Markos Chandras <hwoarang@gentoo.org> wrote:
> I also agree but I would also like to mention that I do not think
> discussing the 'default USE flags' is so important. Anyone who cares
> about security or production use of openssh he/she should be able to
> figure out the good default for him/her and disable those that he/she
> consider dangerous. Why people are so nervous about the default use
> flags? it's a simple one line in package.use to configure your package
> they way you want to. In my opinion, the default use flags should be
> left at maintainers' discretion

Well, I'm all for security being a consideration, but it is still up
to maintainer's discretion.  The most minimal configuration is not
necessarily the most secure.

For all we know the next openssl vulnerability will only affect people
who don't have tls-heartbeat enabled.

Rich