[gentoo-dev] Re: Improve the security of the default profile

On Thu, 12 Sep 2013 11:23:04 -0400 "Anthony G. Basile" wrote: > The hardened team has talked about this in IRC and our general feeling > is that adding *just* ssp to vanilla gcc specs is okay. While there are > some performance hits, it is generally safe and should cause little > problems to o

[gentoo-dev] Last rites: virtual/pyparsing

# Michał Górny (13 Sep 2013) # Upstream decided to merge the Python 2&3 variants of pyparsing back # into a single package. We no longer support the split variants, # and therefore the virtual is unnecessary. Please simply depend # on dev-python/pyparsing instead. Removal in 30 days. # Including a

[gentoo-dev] Last rites: virtual/python-json

# Michał Górny (12 Sep 2013) # All currently supported Python implementations have built-in json # module already. This renders the virtual no longer needed. Please # remove your dependencies on it and enjoy json out-of-the-box. # Removal in 30 days. virtual/python-json -- Best regards, Michał G

Re: [gentoo-dev] Re: Improve the security of the default profile

On 09/10/2013 09:17 PM, Rich Freeman wrote: > On Tue, Sep 10, 2013 at 6:41 PM, Richard Yao wrote: >> 1. The kernel expects -fno-stack-protector to be the default. What will >> the effect be on kernel configuration once -fstack-protector is the default? > > Nothing, since the kernel build system d

Re: [gentoo-dev] Re: Improve the security of the default profile

On 09/11/2013 02:07 AM, Ryan Hill wrote: > On Tue, 10 Sep 2013 18:41:34 -0400 > Richard Yao wrote: > >> A few thoughts: >> >> 1. The kernel expects -fno-stack-protector to be the default. What will >> the effect be on kernel configuration once -fstack-protector is the default? > > The kernel has

Re: [gentoo-dev] Re: Improve the security of the default profile

On 09/12/2013 11:03 AM, Richard Yao wrote: > On 09/10/2013 09:17 PM, Rich Freeman wrote: >> On Tue, Sep 10, 2013 at 6:41 PM, Richard Yao wrote: >>> 1. The kernel expects -fno-stack-protector to be the default. What will >>> the effect be on kernel configuration once -fstack-protector is the defaul

Re: [gentoo-dev] Re: Improve the security of the default profile

On 09/07/2013 05:11 PM, Ryan Hill wrote: On Sat, 7 Sep 2013 18:10:42 + (UTC) Martin Vaeth wrote: Ryan Hill wrote: * -fstack-protector{-all} No thank you. -fstack-protector has very limited coverage I'd say it covers most cases where bugs can be made, practically without a severe impact

Re: [gentoo-dev] [PATCH systemd.eclass] Introduce systemd_install_serviced().

Dnia 2013-09-08, o godz. 13:12:26 Michał Górny napisał(a): > This function can be used to install service configuration templates. > Usage: > > systemd_install_serviced "${FILESDIR}"/foo.service.conf > > or: > > systemd_install_serviced "${FILESDIR}"/barbaz foo.service > > with the latter