On Wed, 8 Mar 2006 00:17:52 -0500
Mike Frysinger [EMAIL PROTECTED] wrote:
how does the attached patch look ? it allows for regexes in the
ignore list which is why i used gawk ;)
Could we add something so that we can disable these ignore lists in the
hardened profile? At least something like:
On Sun, 5 Mar 2006 20:46:25 -0500
Mike Frysinger [EMAIL PROTECTED] wrote:
On Sunday 05 March 2006 19:48, Kevin F. Quinn (Gentoo) wrote:
This could be done via the profiles, perhaps - package.qa, something
like package.mask/use/keywords:
i hate such things ... imo this information should
On Mon, 2006-03-06 at 09:21 +0100, Kevin F. Quinn (Gentoo) wrote:
On Sun, 5 Mar 2006 20:46:25 -0500
Mike Frysinger [EMAIL PROTECTED] wrote:
On Sunday 05 March 2006 19:48, Kevin F. Quinn (Gentoo) wrote:
This could be done via the profiles, perhaps - package.qa, something
like
On Sat, 04 Mar 2006 19:56:41 -0500
Ned Ludd [EMAIL PROTECTED] wrote:
On Fri, 2006-03-03 at 23:32 -0500, Mike Frysinger wrote:
so we've found some cases where a package installs objects that
either need to be ignored by some of the scanelf checks ...
...
what this e-mail is about is
On Sunday 05 March 2006 19:48, Kevin F. Quinn (Gentoo) wrote:
Ned Ludd [EMAIL PROTECTED] wrote:
On Fri, 2006-03-03 at 23:32 -0500, Mike Frysinger wrote:
so we've found some cases where a package installs objects that
either need to be ignored by some of the scanelf checks ...
...
On Sun, 2006-03-05 at 20:46 -0500, Mike Frysinger wrote:
[snip]
be trivial to expand the support like:
QA_TEXTRELS=... # for all arches
QA_TEXTRELS_arch=... # for just one arch
so in the case of slmodem:
QA_EXEC_STACK=usr/sbin/slmodemd
in the case of some other package that only has
On Sun, 5 Mar 2006 20:46:25 -0500
Mike Frysinger [EMAIL PROTECTED] wrote:
On Sunday 05 March 2006 19:48, Kevin F. Quinn (Gentoo) wrote:
Ned Ludd [EMAIL PROTECTED] wrote:
On Fri, 2006-03-03 at 23:32 -0500, Mike Frysinger wrote:
so we've found some cases where a package installs objects
so we've found some cases where a package installs objects that either need to
be ignored by some of the scanelf checks ...
first off, we have kernel binary objects that a package installs (the h*modem
packages do this), so they should not be subjected to the exec stack scans
next up is the