On Mon, Nov 01, 2010 at 08:41:34PM +0300, Peter Volkov wrote:
> В Вск, 31/10/2010 в 16:38 +0200, Alex Alexander пишет:
> > On Sun, Oct 31, 2010 at 11:50:02AM +0000, Markos Chandras wrote:
> > > On Sat, Oct 30, 2010 at 10:59:08PM -0400, Richard Freeman wrote:
> > > > Isn't this essentially what the default profile is?  Basically server is
> > > > just default + USE="apache2 ldap mysql snmp truetype xml".
> > > Well it shouldn't be like that. And if the default profile is pretty
> > > much the same as the server one, then please consider removing the
> > > server profile as it makes no sense then
> > 
> > Please don't. The fact that there are only a few changes doesn't make it
> > useless. Also, you'd be forcing all users currently using the profile to
> > migrate without any real reason.
> But what is the target group of this profile? It sets only 6 USE flags
> that are really useless on half of servers (e.g. VPN/mail server). I'd
> better set only -perl -python there to make servers less dependent on
> python/perl updaters and decrease rebuilds for servers. Also it's good
> idea to make them hardened only as hardened works very well for
> servers. 
> -- 
> Peter.
Errr no. There are also home based fileservers, media servers, routers,
radio servers blah blah blah. Not everyone needs the hardened
toolchain/kernel/security/etc. The target group are lightweight servers for home
or SOHO usage, file sharing, nfs, etc. I maintain such a server group so
I am talking based on personal experience. As I said before server usage is
not always security oriented. 
Yes, perhaps using -python/-perl might be good. 
Markos Chandras (hwoarang)
Gentoo Linux Developer
Web: http://hwoarang.silverarrow.org
Key ID: 441AC410
Key FP: AAD0 8591 E3CD 445D 6411  3477 F7F7 1E8E 441A C410

Attachment: pgpAVjdhSzEuz.pgp
Description: PGP signature

Reply via email to