From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id A0BD0138CD0 for ; Fri, 22 May 2015 12:43:41 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id DDAADE08AB; Fri, 22 May 2015 12:43:34 +0000 (UTC) Received: from mail-wi0-f174.google.com (mail-wi0-f174.google.com [209.85.212.174]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id AFFCEE0897 for ; Fri, 22 May 2015 12:43:33 +0000 (UTC) Received: by wicmx19 with SMTP id mx19so39387993wic.0 for ; Fri, 22 May 2015 05:43:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:reply-to:to:subject:date:user-agent:references:in-reply-to :mime-version:content-type:content-transfer-encoding:message-id; bh=GNRAu5/vk0Ou5lXIqJWkbvdXQzwMX41sXNYtW5i6h9s=; b=0c2MVLGl0/yHBUJJVJqKTMWAiM26ydRr2o9l6+F3fJ1sCVteYMMNwzBBFUEJpQ9xSY pWfROOSImJvM7l/ZdWDvHmDmXR1IdWzwToVhac293Iy1kpp6vu0j8IDFC5mdWIWxRV6J Bjkll2JVbx7xQ0lS4X2f9ZAxROWS96YkcpAO1hvvdoggGunJwmo2Yl0HYr8y9JZCBpTA T7SFo5kyHLKsOI6n519kJx3x0BaGxwy0axU8SihDkzbFlw4RDTfOJTcKzuZOv5h+tm46 09orghzkLKePhi1kanZMgaTPSyuwDwrg8alMl8TbqyPm2Ve3PRx1vWkdvHG/A83RI2sU S48g== X-Received: by 10.180.109.6 with SMTP id ho6mr7343919wib.58.1432298612596; Fri, 22 May 2015 05:43:32 -0700 (PDT) Received: from dell_xps.localnet (230.3.169.217.in-addr.arpa. [217.169.3.230]) by mx.google.com with ESMTPSA id g5sm3028825wjq.6.2015.05.22.05.43.31 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Fri, 22 May 2015 05:43:31 -0700 (PDT) From: Mick To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] [~and64] Headsup for google-chrome users Date: Fri, 22 May 2015 13:43:27 +0100 User-Agent: KMail/1.13.7 (Linux/3.18.12-gentoo; KDE/4.14.3; x86_64; ; ) References: <201505221144.17145.michaelkintzios@gmail.com> <555F0E6E.9000408@gmail.com> In-Reply-To: <555F0E6E.9000408@gmail.com> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart1774079.K7nfB0kb7Z"; protocol="application/pgp-signature"; micalg=pgp-sha256 Content-Transfer-Encoding: 7bit Message-Id: <201505221343.28556.michaelkintzios@gmail.com> X-Archives-Salt: 0896abdc-c60e-457c-b248-11db032b5a60 X-Archives-Hash: 299d511b58ea0e1a9b9b3e9a90febb48 --nextPart1774079.K7nfB0kb7Z Content-Type: Text/Plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable On Friday 22 May 2015 12:09:34 Alan McKinnon wrote: > On 22/05/2015 12:44, Mick wrote: > > On Friday 22 May 2015 09:38:46 Neil Bothwick wrote: > >> On Fri, 22 May 2015 02:53:17 -0500, Dale wrote: > >>>> So I'm the 3rd one in row to state that I haven't had any deleterious > >>>> effects that I noticed. > >>=20 > >> Make that 4. > >>=20 > >>> When I first emerge a new kernel, I run make mrproper to get a good > >>> clean start. > >>=20 > >> There's no point in that. When you have just emerged the sources, there > >> is nothing for mrproper to remove. > >=20 > > So, coming back to the OP, is it advisable to ignore this message: > No. It's in the ebuild and we assume the ebuild writer had a reason for > putting it there. The usual reason is that upstream has said their code > requires an option to be set. >=20 > Where would you have gotten the idea that ignoring it is good advice? Because the emerge did not stop to warn me about it, or require me to=20 acknowledge before proceeding. Furthermore it tells me that bad things may= =20 happen, but doesn't explain what kind of bad things, referring to a URL if= =20 space does not allow. At this stage I am guessing that chromium's sandboxi= ng=20 mechanism is changed and it now requires a different memory allocation=20 mechanism than what I had previously configured in my kernel. Having to=20 configure my kernel to get a browser working sounds quite intrusive so I am= =20 worried some more. Looking at the changelog and then at bugs referred to there, I eventually=20 arrived at CVE-2015-1252 [1] where the problem is explained: In any case, I think that something like this should invite user input at t= he=20 start of the ebuild, rather than at the end? I haven't figured out yet if = I=20 will need to reinstall chromium after I have reconfigured my kernel ... in= =20 which case the warning should definitely come at the start of the ebuild. [1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2015-1252 =2D-=20 Regards, Mick --nextPart1774079.K7nfB0kb7Z Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAABCAAGBQJVXyRwAAoJELAdA+zwE4YeJvAIAJvjxQ4U+HQQRv/W3ZC5awGq i/YIxmiwu/sL82mJ/sAKC9Xew+gIkaLyiZRVagHGgZgszIunMOFJFeIT9+TWtzMT A7WyEmdTMWzWKar7nL4r8Pgs1NHkSXuSeg4tcA4MPeNMxK7Fxo0L5xOZape8W+z6 IswZW+tKmiY/XGxN0CD/5Y0aNq2G+UK/RcX1j0oEctNUXUjayBppnpPymdmfp5bl yX00PacvOuFkUCHx6xCLH5bkSCxGKPAJE21J31HyDgebEsyjXZMP4DIBJpWn10rO 7mMDFgPEqBXJ3wcbIwwU08IRGBawWZMRplL2pLweWyy29NyPT5ThFWiuzCQQD8g= =oIaO -----END PGP SIGNATURE----- --nextPart1774079.K7nfB0kb7Z--