On Friday 22 May 2015 12:09:34 Alan McKinnon wrote: > On 22/05/2015 12:44, Mick wrote: > > On Friday 22 May 2015 09:38:46 Neil Bothwick wrote: > >> On Fri, 22 May 2015 02:53:17 -0500, Dale wrote: > >>>> So I'm the 3rd one in row to state that I haven't had any deleterious > >>>> effects that I noticed. > >> > >> Make that 4. > >> > >>> When I first emerge a new kernel, I run make mrproper to get a good > >>> clean start. > >> > >> There's no point in that. When you have just emerged the sources, there > >> is nothing for mrproper to remove. > > > > So, coming back to the OP, is it advisable to ignore this message: > No. It's in the ebuild and we assume the ebuild writer had a reason for > putting it there. The usual reason is that upstream has said their code > requires an option to be set. > > Where would you have gotten the idea that ignoring it is good advice?
Because the emerge did not stop to warn me about it, or require me to acknowledge before proceeding. Furthermore it tells me that bad things may happen, but doesn't explain what kind of bad things, referring to a URL if space does not allow. At this stage I am guessing that chromium's sandboxing mechanism is changed and it now requires a different memory allocation mechanism than what I had previously configured in my kernel. Having to configure my kernel to get a browser working sounds quite intrusive so I am worried some more. Looking at the changelog and then at bugs referred to there, I eventually arrived at CVE-2015-1252 [1] where the problem is explained: In any case, I think that something like this should invite user input at the start of the ebuild, rather than at the end? I haven't figured out yet if I will need to reinstall chromium after I have reconfigured my kernel ... in which case the warning should definitely come at the start of the ebuild. [1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1252 -- Regards, Mick
signature.asc
Description: This is a digitally signed message part.
