From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 6A586158089 for ; Mon, 13 Nov 2023 10:19:40 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id EF5752BC01E; Mon, 13 Nov 2023 10:19:33 +0000 (UTC) Received: from sonic305-19.consmr.mail.ir2.yahoo.com (sonic305-19.consmr.mail.ir2.yahoo.com [77.238.177.81]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 8A7792BC013 for ; Mon, 13 Nov 2023 10:19:33 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1699870772; bh=NCLNELbi4M3IakE1g/mhDdWiQdhlZkln/bPlqmKJF/4=; h=Date:To:From:Subject:References:From:Subject:Reply-To; b=Lxm/oruoMpA+a3aTiKEmgNxmOIk7CM85XQfXaATNEopLZjO26yZPA8VUHjGSkInPUk9kZPC0BRPqbWG2GbTiTf9zltH3MDYQKFYov72jp/N3ZJE8RlzEe5Z0tk6fDOcTWJ9pxHM5DLrWcyciHgWs/Bnq26VPSq/uBCWkqlSmN6Ys76UzlSYFmtquJgFkFv3lqz1I6NK3npYz17Nqe4SsSarJZakWln1iID+cIishseaY6MH2ACeGun21KqOc+xxl+OyV8xA4rr8kaq2jc/tkQ/NGN/EcgCalsB01PN/Wr58hA8PUQ8Du1K7rkhmCXLrTi2D5jEwOfHgPBuOJ5ElDqA== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1699870772; bh=15bVSK6wajm6IaAGBiGuE5W9QbKLcM2Ts2YodpoM0lD=; h=X-Sonic-MF:Date:To:From:Subject:From:Subject; b=KCVjpZAbxFk/lmsSLhUTrFgfr3zIJTvw+8BPVYEEJKvPCiEj1PX4lBcl+iOj8/lZ/0YbUEjSZw6L8icSZVTf7MhvhxeG1QMn886eR/ZkK+RUPpAhZ1G+W/HyBvPNMLyH2NCYRY6GycqX3PPxDQCbTaacUckRFMKwmq/Z/yg81+tF1FsgK/agAhjYt6WtAAE6XlTvm5n3GGBBIMcIISZTn85+Z+pGvGbl6F5GpDxOKhQkW6l8Govd7OePFxZj26crK1ogv5/84HUSS3anKof0Km9g81T4jGweDU3hpHgCY1VXZ6Wde/HfCd2E7erRZIlbgkIc6pKackIXACs9PHX0SA== X-YMail-OSG: M6pMPdEVM1lHd1ZiH4sApLjZIdcPP5lyg9rOqlPB7JkEibbhsgzDaFuE9Qcz9_D UKzVAde6ouReAkqAHHIsfR5ak3GmmCUK6W0fforpn3evW0bdcfFCYRNFMHQUCvjsOhytJwKTOHK1 .efBOPnoU5i_uq4jzXBWuAg4CBt7TKVCJtYrinbdsdKZZa.iBAwtx6.1rTTX71sCkh8fZE_nZNtP PFnM2JYuTI31EmCDhwqkrTGd24JW_vqe6fdg5mZKYcD7DedaSGf5YOjqoiruRf2VSSrJO.AO4Qjy 36o0qErjIKRaDlCLSq54eJcYE.gXbmEpt4d6KJcaz3CZEx9ZXC26pkdQv.00AAA6ZsFkTzUlTUWh 2o_BHfV8XNzVAGQTv9O1TNBHup45L4DhIwHbWgeoGWWp.m3_6UVQAUBWBEjs2wxd8rPx7cuWY7WT g.PLfVHVYAOGeiAwgiRILFPNec8BPcft2yhuS6_W9pMBbp0nZhbI6jqc8JVZpE20qgO36k.UVKoT DZdVEtGNCJ4jgYnz76UIvnolC7Edpc9OdkbYukG4mAI41548syQIfbgyQNfDYdyCkdl0Tax4IFDh hbNSvMQXrDj2dKO.IGJPqfGhPWHNUysXvdrU9aaklL8ZCZWwwxSPw0cAWq_IpX2elng5Os451OR2 I60OXoqNoHefTV.MLustzFUo3ZAJ9njtgkMlNYb9rzwPP0nrU7J8uFKdINxchX4OGnmADGCKReV7 Hq3UfZUa82dpOoQqKvrlekjML_6m22f1rgy0LEbh8VpcCDb7Oz9lSo6iKZmEAYLQntsTwhHtGWgu 6G71X6X3ye8dfTLoOk8e5Oj1cYgpGt3dg.ulynHdLZG7JOtRb.Ep4NO_mv9JjTPC4C8Ho8UOI.kr o_BgIETf27HDjgrc1znVYvxrFLb3CciPeZr65ANc5u14seLT5Iu3weCM7GoUgraodb6Z86yKVT71 p.vcmbr5hV6ghM2I37G8LqEK.e1wtI7HlK0QL7zNAr7yQO55qkRc6fgxcaFNbzAH2YZlUonIY.hw Z_ch5L5YmRyKPNR_DlFMid37QZ6svvIwMDqt990tinzfUKUUBowkEgPyiBV2X5yKaVexz8ehLVX3 dukIsQ0AUtPdpXO9SJp2D_T6cC4ca3vo93RPhGD2W8n4gsC76KYraUhr1sDxRZYc1umJJSLxL3bp 12jvNl2pGcdg51.Yz.BBM_k7YF4.zq0OCOwZtUcP7b8Mgak1ygoVLC4TDYSL4aoZRPcWA1B5L6R. 8GB_2mXjnEWnvwypEwa4taFb1OPNKOgpSJ_BVZmNAkGf0KK7z6cxT6V3T6o7OBX4aPbvvU2UNnYO bFHs8CD9NMcbKUkG2X2siN_u_0F86_r4dmKb_SJJdE57HZGyeKTgx7hPFkcHHyzKLGiwZ6M0Px1l Q2NI.VQAV.CGPEF.Of26CDS9iKBVGTwkxHOnNWK5zFslbDaiwZUXpz2lz_vZ5o.q9y4aRpi_7nwa e69WU.Ywn42.jcFOXbvrdeiFshlNFMoeEiM_2lEU8b6TgQkE5J4MCUIN5flCGfminozv3gy73Dur ysgkStNQw5C2nQ9odHw44T7BynKwApMbQncIO.2ny034B1wN..aPpT701q.R8rRGdvkerBrh3nvq mOlum2PpxjRFLae6fJMldyHbYUkhYVHc5T5nlCk3.042p3_4.ySq2uRyXPq1ywaK91NbmLd57CT1 nkKq.p5S0fWgTYTbgT5S0xElV86PXU3_YqzzAnZwaOOxzqquIXTSHrC.9enukgjJo1sn8QDJqErO X7G3v8zvyl85JDFmwQMOp_O9a_TtsB6nEEcz0.6ongts_JGynH4Y4xm4KVWMrXptfn5i0F00ibYy Z4_NOmSzOfuARJdMs4IoHytdayDuAF9wguCyBARQM7FcphO981dyy0oiI1KBZtVOYmGA8ENXSlZ7 4MaOPpld0gHG3G4oKTsd76g7VfZb4P496Gk9XV96qd0j7BhKgthMSLtpSIMc.LjkO6D57tYL10cQ Zrh7diptjxs17g_JHArWIuMUjcXKE8oW5ZNEVwdTsdkV_fDf_mpTYLesBL6jFgJE_ZHlaCJGK6Yo T1rFwmNFIKdL4S14dU4sghEjUsU94Av6tzE2CcCXjnemkd8vVkp8U2BGTD7QAioAXQt6J_y7A7Tj QxGvO4bXFpE2OY7J087koZ8TdRlLycPG4P5t9rERFBfiG2zRX4cygCrFtxYKr1o5hgoVAaVbNJg- - X-Sonic-MF: X-Sonic-ID: 4a5497d6-b63d-4784-8211-4d8eb95d88de Received: from sonic.gate.mail.ne1.yahoo.com by sonic305.consmr.mail.ir2.yahoo.com with HTTP; Mon, 13 Nov 2023 10:19:32 +0000 Received: by hermes--production-ir2-6755f9ff7c-ztgwg (Yahoo Inc. Hermes SMTP Server) with ESMTPA ID ed3e7bad3f2de44cd785f717aac4f1e6; Mon, 13 Nov 2023 10:19:27 +0000 (UTC) Message-ID: Date: Mon, 13 Nov 2023 11:19:26 +0100 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 User-Agent: Mozilla Thunderbird To: "gentoo-user@lists.gentoo.org" Content-Language: en-US From: ralfconn Subject: [gentoo-user] hardened vs desktop Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit References: X-Mailer: WebService/1.1.21896 mail.backend.jedi.jws.acl:role.jedi.acl.token.atz.jws.hermes.yahoo X-Archives-Salt: 3afae97f-b003-404c-86a2-4594daf3bb59 X-Archives-Hash: d38585fff1595a049173013c24e7e886 Hello, I've been running the desktop profile for years. Now I'm thinking to switch to the hardened. Since there is no 'hardened desktop' profile, the hint I found online is to note the current desktop USEs, switch to hardened and add the USEs not found there, but I wonder if it is really the best option. Comparing the two profiles, hardened seems a sub-set of desktop with the addition of: cet hardened pie ssp xtpax It seems to me easier to add these to the desktop rather the other way round. Any gotcha's I am missing? thanks raffaele