Rumen Yotov wrote:
Hi,
On Wed, 13 Sep 2006 12:36:45 + (UTC)
James [EMAIL PROTECTED] wrote:
Ryan Tandy tarpman at gmail.com writes:
Michael Crute wrote:
USE=-* hardened pic ncurses ssl crypt berkdb tcpd pam perl
python readline
You could omit pic here IIRC (on
I think I've answered my own question:
On my system, gzip is the only package that contains the pic USE flag.
Looking at the ebuild, the pic USE flag is used to tell the system not
to use the assembler code optimizations.
Presumably, assembler code can't be relocated.
Thanks,
Brian
Brian
Ryan Tandy tarpman at gmail.com writes:
Michael Crute wrote:
USE=-* hardened pic ncurses ssl crypt berkdb tcpd pam perl python
readline
Hello Ryan,
glibc croaked during an upgrade/recompile and told me to add:
'nptl nptlonly' to make.conf. I did and the sytem completed a deep recompile
Hi,
On Wed, 13 Sep 2006 12:36:45 + (UTC)
James [EMAIL PROTECTED] wrote:
Ryan Tandy tarpman at gmail.com writes:
Michael Crute wrote:
USE=-* hardened pic ncurses ssl crypt berkdb tcpd pam perl
python readline
You could omit pic here IIRC (on a hardened profile) hardened
includes
On 9/13/06, James [EMAIL PROTECTED] wrote:
Not sure I fully grasp what you mean by a 'hardened system'. If you mean
running a hardened kernel with only necessary software installed, then
yes, I run hardened kernels on most servers {dns, web, mail, firwalls}
If running a hardened system
On Wednesday 13 September 2006 14:36, James wrote:
The more minimized the global flags are, the more secure the server.
Were I the only one who wasn't quite convinced by that statement?
--
Bo Andresen
pgp90yjwqq0Ib.pgp
Description: PGP signature
Bo Ørsted Andresen wrote:
On Wednesday 13 September 2006 14:36, James wrote:
The more minimized the global flags are, the more secure the server.
Were I the only one who wasn't quite convinced by that statement?
No.
Stefan
--
gentoo-user@gentoo.org mailing list
On Wed, 13 Sep 2006 19:01:18 +0200, Bo Ørsted Andresen wrote:
The more minimized the global flags are, the more secure the server.
Were I the only one who wasn't quite convinced by that statement?
If that means leaving GAPING_SECURITY_HOLE out of USE, then it holds some
truth ;-)
--
On 9/13/06, Bo Ørsted Andresen [EMAIL PROTECTED] wrote:
On Wednesday 13 September 2006 14:36, James wrote:
The more minimized the global flags are, the more secure the server.
Were I the only one who wasn't quite convinced by that statement?
No... I think it is a little rush to state
On Wednesday 13 September 2006 21:13, Daniel da Veiga wrote:
On 9/13/06, Bo Ørsted Andresen [EMAIL PROTECTED] wrote:
On Wednesday 13 September 2006 14:36, James wrote:
The more minimized the global flags are, the more secure the server.
Were I the only one who wasn't quite convinced by
Brian Davis bridavis at comcast.net writes:
Can one covert a non-hardended machine to use the hardended-profile, or
do you have to start from scratch?
Hello Brian,
The short answer is YES. The correct answer is you have to
read quite a lot (I'm in the middle of that) and decide
which
Thanks James!
-- Original message -- From: James [EMAIL PROTECTED] Brian Davis comcast.net writes: Can one covert a non-hardended machine to use the hardended-profile, or do you have to start from scratch?Hello Brian, The short answer is YES. The correct
Michael Crute mcrute at gmail.com writes:
Those look a bit excessive for a minimalist machine. I would start over
You probably want to set your machine up with a similar
USE= string in make.conf
USE=-* hardened pic ncurses ssl crypt berkdb tcpd pam perl
python readline
net-www/apache
13 matches
Mail list logo