From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1Rc34f-0001PL-7g for garchives@archives.gentoo.org; Sat, 17 Dec 2011 22:49:49 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id A5B8321C01F; Sat, 17 Dec 2011 22:49:40 +0000 (UTC) Received: from out4.smtp.messagingengine.com (out4.smtp.messagingengine.com [66.111.4.28]) by pigeon.gentoo.org (Postfix) with ESMTP id D5EFE21C01F for ; Sat, 17 Dec 2011 22:48:36 +0000 (UTC) Received: from compute4.internal (compute4.nyi.mail.srv.osa [10.202.2.44]) by gateway1.nyi.mail.srv.osa (Postfix) with ESMTP id 93DE621735 for ; Sat, 17 Dec 2011 17:48:36 -0500 (EST) Received: from frontend1.nyi.mail.srv.osa ([10.202.2.160]) by compute4.internal (MEProxy); Sat, 17 Dec 2011 17:48:36 -0500 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=binarywings.net; h=message-id:date:from:mime-version:to:subject:references :in-reply-to:content-type; s=mesmtp; bh=po7DuW5AftiLG8XHXQcS3VF/ H1A=; b=AE0ZQGQEd3uALDH3ExdpIUh3u+yBLpnXFwJXIfr1CMWl/aSp401wouVi Wpiu+gS6vH6TharYL6guPeZ1YmY9DudxwonXNypDzbfAsWDKVJwNVXr9PlavdWaR L/YFqv+UNOGfz9l44IQKqsZlKWw7/lqpxjQxO5NxGyffsHnV6HQ= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=message-id:date:from:mime-version:to :subject:references:in-reply-to:content-type; s=smtpout; bh=po7D uW5AftiLG8XHXQcS3VF/H1A=; b=D7Q1lKj6LuQ1KI/+KCkq1tDP398RwD0KjBMo wzT8+L3oDuDpzgPjXiknob8Dzb9/p51oYF60ysIufdwP2ZShWzLtu9ucSEXaOI7D D4nBGTqididejYyg5+CuvEM5+hp1gQfS1fCGsxxFhw/y9vEpOoTP+eoc7VGnYEr0 QxPKYA4= X-Sasl-enc: gidH8OYedXmwyWVmeIBXPYvL7M5qHFnlF6xerMQVwNut 1324162116 Received: from [192.168.5.18] (serv.binarywings.net [83.169.5.6]) by mail.messagingengine.com (Postfix) with ESMTPSA id 16DE18E00AB for ; Sat, 17 Dec 2011 17:48:35 -0500 (EST) Message-ID: <4EED1C3D.4020603@binarywings.net> Date: Sat, 17 Dec 2011 23:48:29 +0100 From: Florian Philipp User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:8.0) Gecko/20111211 Thunderbird/8.0 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Re: eix USE=security References: <4EEC79D5.2050404@binarywings.net> In-Reply-To: X-Enigmail-Version: 1.3.3 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enigA076789A807CC95C2209EA38" X-Archives-Salt: e05bfb1a-25aa-4643-aeff-b4baae038a28 X-Archives-Hash: 6f88ed705e8cb6f91e22cd9e8603ef19 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigA076789A807CC95C2209EA38 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Am 17.12.2011 16:38, schrieb James: > Florian Philipp binarywings.net> writes: >=20 >> >> Hi list! >> >> I just noticed the USE flag "security" in stable app-portage/eix. The >> description is hardly helpful: It fixes exploits but is not enabled by= >> default. Why? What are the drawbacks? I couldn't find anything in a >> quick online search. >=20 > ef security >=20 > This adds some checks which can prevent certain exploits if e.g. the ei= x code > has a bug. If you use the hardened toolchain, using this flag does not = increase > security and can even lead to problems. > install the security module needed for some servers >=20 >=20 As I said, this description is hardly useful. If it fixes exploits, then why is it not enabled for non-hardened profiles per default? --------------enigA076789A807CC95C2209EA38 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk7tHEIACgkQqs4uOUlOuU8aKgCfeKHonvtW3yFxDcm45agPVFeZ WmcAnjqB93opzUniC/HjXIdhOi6Tft8W =n7gC -----END PGP SIGNATURE----- --------------enigA076789A807CC95C2209EA38--