On 07/07/2012 08:50 PM, Ken Moffat wrote: > Back in January last year, I made a proposal to add some discussion > of vulnerabilities in the security chapter, and how to look at what > the distros are doing to fix their builds (for vulnerabilities but > also for when packages no longer build). There was some interest > from users, but no comment from editors. At that time, I *thought* > several editors were still active, but I was probably mistaken. My > normal attitude is to not break things, and to follow the party line > even if that means doing nothing. Je suis anarchiste bourgeois. [1] > > I then went off in a huff, but had to come back because changes in > LFS-7.0 (glibc and bootscripts) broke nfs. Since then, we've got a > lot more active editors, but I think those proposed changes would > still be useful - it's not as if we are on top of known > vulnerabilites. Some of this proposal is updated and expanded. Sounds good. > Additionally, I think that now is a suitable time to replace > gnome-media with gvolwheel, and to add another lightweight window > manager (icewm). Cool cool. I don't use either, but I gather that others will appreciate them. > When I started preparing this, my current BLFS version was > 2012-06-23. You can find a rendered version of the changes, and a > gzipped diff of the xml, at > http://www.linuxfromscratch.org/~ken/tmp/ > > This contains the following changes: > > 1. new page in chapter 2 to explain static/shared libraries : in the > book we now often use --disable-static but I don't think we've > explained why.
Sounds good. I don't know if this is still covered in LFS. It used to be before PureLFS. > > 2. add pointers to some distros in Beyond BLFS, change freshmeat.net > to freecode.com, and add a link to a rpm2cpio script. Basically, > as in last year's suggestion (the change to google/linux is no > longer appropriate, that has become google/webhp and is not linux > specific). Any particular reason for rpm2cpio specifically? CLFS has an rpm2targz that we could add. -- DJ Lucas -- This message has been scanned for viruses and dangerous content, and is believed to be clean. -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
