FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Gentoo > Gentoo User

 
 
LinkBack Thread Tools
 
Old 12-17-2011, 10:15 AM
Florian Philipp
 
Default eix USE=security

Hi list!

I just noticed the USE flag "security" in stable app-portage/eix. The
description is hardly helpful: It fixes exploits but is not enabled by
default. Why? What are the drawbacks? I couldn't find anything in a
quick online search.

Thanks in advance!
Florian Philipp
 
Old 12-17-2011, 02:38 PM
James
 
Default eix USE=security

Florian Philipp <lists <at> binarywings.net> writes:

>
> Hi list!
>
> I just noticed the USE flag "security" in stable app-portage/eix. The
> description is hardly helpful: It fixes exploits but is not enabled by
> default. Why? What are the drawbacks? I couldn't find anything in a
> quick online search.

ef security

This adds some checks which can prevent certain exploits if e.g. the eix code
has a bug. If you use the hardened toolchain, using this flag does not increase
security and can even lead to problems.
install the security module needed for some servers


hth,
James
 
Old 12-17-2011, 09:48 PM
Florian Philipp
 
Default eix USE=security

Am 17.12.2011 16:38, schrieb James:
> Florian Philipp <lists <at> binarywings.net> writes:
>
>>
>> Hi list!
>>
>> I just noticed the USE flag "security" in stable app-portage/eix. The
>> description is hardly helpful: It fixes exploits but is not enabled by
>> default. Why? What are the drawbacks? I couldn't find anything in a
>> quick online search.
>
> ef security
>
> This adds some checks which can prevent certain exploits if e.g. the eix code
> has a bug. If you use the hardened toolchain, using this flag does not increase
> security and can even lead to problems.
> install the security module needed for some servers
>
>

As I said, this description is hardly useful. If it fixes exploits, then
why is it not enabled for non-hardened profiles per default?
 
Old 12-17-2011, 09:59 PM
Neil Bothwick
 
Default eix USE=security

On Sat, 17 Dec 2011 23:48:29 +0100, Florian Philipp wrote:

> > This adds some checks which can prevent certain exploits if e.g. the
> > eix code has a bug.

> As I said, this description is hardly useful. If it fixes exploits, then
> why is it not enabled for non-hardened profiles per default?

It doesn't actually say that it fixes anything. It's more of a "it may
possibly prevent certain exploits using undefined, and maybe unknown,
bugs in the code". That's more a politician's language than a coder's.


--
Neil Bothwick

Good fortune will find you provided you left clear instructions.
 
Old 12-17-2011, 10:35 PM
Nikos Chantziaras
 
Default eix USE=security

On 12/17/2011 01:15 PM, Florian Philipp wrote:

Hi list!

I just noticed the USE flag "security" in stable app-portage/eix. The
description is hardly helpful: It fixes exploits but is not enabled by
default. Why? What are the drawbacks? I couldn't find anything in a
quick online search.


eix is known for having some rather ridiculous USE flags (optimization,
strong-optimization). "security" is another one you can simply ignore.
 

Thread Tools




All times are GMT. The time now is 06:40 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org