Le samedi 26 janvier 2013 à 02:46 -0500, Mike Frysinger a écrit : > On Friday 25 January 2013 19:10:53 Gilles Dartiguelongue wrote: > > It's not like libcap is a big dependency > > true, but not everyone needs this, nor can everyone leverage it (caps). it's > a linux-centric implementation and is dependent upon filesystem support being > available & enabled. > > that doesn't entirely justify making it a USE flag (since the code already > has > runtime fallback logic for when the fs doesn't support things), but since the > USE is low overhead and leverages logic that already has to be there, i have > no problem keeping it. plus it defaults to on.
hum, ok. > > and it's not like this is an > > attempt to make the system more secure by according just the privileges > > needed for apps to work as intended, right ? > > mmm that's exactly what this is > > > If the USE flag must stay, how is it different that current caps USE > > flag ? It applies and not just enables support but is that relevant to > > the purpose at hand ? [...] In summary, USE=caps if for stripping down from all to the bare minimum caps while USE=filecaps should allow us to provide bare minimum required capabilities from the start. If so, maybe this could be the same USE flag ? I would understand if we wanted to keep it separated to avoid potential confusion about the actual impact on packages though. -- Gilles Dartiguelongue <e...@gentoo.org> Gentoo
signature.asc
Description: This is a digitally signed message part
