Perhaps a hardened desktop profile might be nice. Possibly even an selinux
profile with the popular WMs. From what I remember users of the server
profile are given a warning to switch to hardened though it would be nice
to add hardened options to other specialized profiles.
On Sat, Sep 7, 2013
Walter Dnes waltd...@waltdnes.org wrote:
Note that...
grep foo bar.txt
...returns colour-highlighted text, while...
grep foo bar.txt output.txt
...returns plain text. So it can be done properly for everybody.
No, it cannot be done properly for everybody:
grep foo bar.txt | tee
# Pacho Ramos pa...@gentoo.org (07 Sep 2013)
# Fails to build with gcc-4.7, no release since 2009,
# nothing in the tree needs it. Removal in a month.
net-irc/ezbounce
# Pacho Ramos pa...@gentoo.org (07 Sep 2013)
# Upstream looks dead, lots of unattended bugs needing
# patches (#369007, #444135,
On Thu, 05 Sep 2013 12:13:28 +0200
Agostino Sarubbo a...@gentoo.org wrote:
Hello,
during an irc debate, me and other people just noticed that the default
profile could use more flags to enhance the security.
An hint is here:
https://wiki.ubuntu.com/ToolChain/CompilerFlags
Please
Ryan Hill dirtye...@gentoo.org wrote:
* -fstack-protector{-all}
No thank you. -fstack-protector has very limited coverage
I'd say it covers most cases where bugs can be made,
practically without a severe impact on execution time or code size.
In contrast, -fstack-protector-all should be left
Ciaran McCreesh ciaran.mccre...@googlemail.com wrote:
Security does not come from the compiler. There is no compiler flag
that magically makes insecure code secure.
But there are flags which can catch some frequent code bugs which
perhaps some less careful upstream overlooked or is not aware
On Sat, Sep 7, 2013 at 2:10 PM, Martin Vaeth
va...@mathematik.uni-wuerzburg.de wrote:
Ryan Hill dirtye...@gentoo.org wrote:
* -fstack-protector{-all}
No thank you. -fstack-protector has very limited coverage
I'd say it covers most cases where bugs can be made,
practically without a severe
El sáb, 07-09-2013 a las 14:37 -0400, Rich Freeman escribió:
On Sat, Sep 7, 2013 at 2:10 PM, Martin Vaeth
va...@mathematik.uni-wuerzburg.de wrote:
Ryan Hill dirtye...@gentoo.org wrote:
* -fstack-protector{-all}
No thank you. -fstack-protector has very limited coverage
I'd say it
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 09/07/2013 01:25 PM, Ryan Hill wrote:
On Thu, 05 Sep 2013 12:13:28 +0200
Agostino Sarubbo a...@gentoo.org wrote:
Hello,
during an irc debate, me and other people just noticed that the default
profile could use more flags to enhance the
Pacho Ramos pa...@gentoo.org wrote:
Is there any kind of information about performance penalty of
-fstack-protector? I have googled some time and there are various
estimations (from ~2 to ~8%), but I have no idea what have they checked
exactly.
This depends extremely on the code: Most
On Sat, 7 Sep 2013 18:10:42 + (UTC)
Martin Vaeth va...@mathematik.uni-wuerzburg.de wrote:
Ryan Hill dirtye...@gentoo.org wrote:
* -fstack-protector{-all}
No thank you. -fstack-protector has very limited coverage
I'd say it covers most cases where bugs can be made,
practically
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 09/07/2013 05:11 PM, Ryan Hill wrote:
On Sat, 7 Sep 2013 18:10:42 + (UTC)
Martin Vaeth va...@mathematik.uni-wuerzburg.de wrote:
Ryan Hill dirtye...@gentoo.org wrote:
* -fstack-protector{-all}
No thank you. -fstack-protector has very
12 matches
Mail list logo