We need to decide on our next step for rolling out hardened Sabayon.
My proposal would be
(1) Add all the @system packages to the white list and rebuild them.
(2) Add Xorg to the white list during a time period we'll be able to
react to any issues.
If no issues,
(3) From here, go from white-lis
Fine with me.
On Fri, Nov 9, 2012 at 5:09 PM, Mitch Harder
wrote:
> We need to decide on our next step for rolling out hardened Sabayon.
>
> My proposal would be
>
> (1) Add all the @system packages to the white list and rebuild them.
> (2) Add Xorg to the white list during a time period we'll be
You sure there won't be any optimization of the code breakage and no
performance cost? I'm kinda scared of hardening almost all packages of the
system
On Fri, Nov 9, 2012 at 9:03 PM, Joost Ruis wrote:
> Fine with me.
>
> On Fri, Nov 9, 2012 at 5:09 PM, Mitch Harder
> wrote:
> > We need to decide
I've never been able to discern a performance difference between my
hardened systems, and my non-hardened systems.
I've built up several systems side-by-side, one hardened and the other
vanilla, specifically for the purpose of picking up signs of
systematic performance issues.
But, I'm sure we'll
Can you try a full blown hardening and pass bugs my way, ie open gentoo
bug reports. I wouldn't just start black/white listing because
somethings might be easy fixes.
On 11/09/2012 11:09 AM, Mitch Harder wrote:
We need to decide on our next step for rolling out hardened Sabayon.
My proposal
On amd64, the perf hit will be minimal. On x86 it will be substantial.
On 11/09/2012 02:08 PM, Steven Cristian wrote:
You sure there won't be any optimization of the code breakage and no
performance cost? I'm kinda scared of hardening almost all packages of the
system
On Fri, Nov 9, 2012 at 9:
Well, and the gains is more security, should I understand?
On Fri, Nov 9, 2012 at 10:07 PM, Anthony G. Basile wrote:
> On amd64, the perf hit will be minimal. On x86 it will be substantial.
>
>
> On 11/09/2012 02:08 PM, Steven Cristian wrote:
>
>> You sure there won't be any optimization of the
Yes, the purpose of hardened sources is enhanced security.
On Fri, Nov 9, 2012 at 2:22 PM, Steven Cristian
wrote:
> Well, and the gains is more security, should I understand?
>
>
> On Fri, Nov 9, 2012 at 10:07 PM, Anthony G. Basile
> wrote:
>>
>> On amd64, the perf hit will be minimal. On x86 i
Will you be benchmarking both amd64 and x86?
On 11/09/2012 04:12 PM, Mitch Harder wrote:
Yes, the purpose of hardened sources is enhanced security.
On Fri, Nov 9, 2012 at 2:22 PM, Steven Cristian
wrote:
Well, and the gains is more security, should I understand?
On Fri, Nov 9, 2012 at 10:07
At this time, I don't have any specific benchmarking agenda planned.
But I do have a x86 and two amd64 side-by-side reference systems for
evaluating issues.
In the past, I haven't been able to observe a significant performance
issue unless I utilized a specially crafted benchmark designed to
high
10 matches
Mail list logo