On Thu, Jun 15, 2017 at 11:41:11PM +0200, Andreas K. Huettel wrote
> Am Sonntag, 11. Juni 2017, 20:39:00 CEST schrieb Walter Dnes:
> > 1) Should I be doing bug reports on the Gentoo bugzilla or upstream?
>
> Gentoo please, though also submitting stuff upstream and linking to
> it in the Gentoo
> there should be a way of turning these off systematically. the
> advantage of the current hardened gcc specs is that one can switch
> between them using gcc-config. if these are forced on for the default
> profile then there will be no easy way to systematically turn them off.
No - there
On 6/15/17 11:20 AM, Matthias Maier wrote:
> Hi Michael,
>
> On Sun, Jun 11, 2017, at 16:39 CDT, Michael Brinkman
> wrote:
>
>> So I was just wondering if ~arch is ready for more secure defaults on
>> the 17.0 profiles in the linker flags. There are several
>>
Am Sonntag, 11. Juni 2017, 20:39:00 CEST schrieb Walter Dnes:
> On Sat, Jun 10, 2017 at 05:15:05PM +0200, Andreas K. Huettel wrote
>
> > -> The new profiles will NOT have any entries in profiles.desc
> > yet. For "normal people" that means DO NOT SWITCH to these profiles
> > yet. <-
> >
> >
On Thu, 15 Jun 2017 18:48:42 +0100
Ciaran McCreesh wrote:
> On Thu, 15 Jun 2017 19:30:02 +0200
> Alexis Ballier wrote:
> > On Thu, 15 Jun 2017 18:04:35 +0100
> > Ciaran McCreesh wrote:
> > > On Thu, 15 Jun
On Thu, 15 Jun 2017 19:38:48 +0200
Michał Górny wrote:
> On czw, 2017-06-15 at 18:07 +0200, Alexis Ballier wrote:
> > On Thu, 15 Jun 2017 17:59:13 +0200
> > Michał Górny wrote:
> >
> > > On śro, 2017-06-14 at 16:09 +0200, Alexis Ballier wrote:
> > > >
On Thu, 15 Jun 2017 19:30:02 +0200
Alexis Ballier wrote:
> On Thu, 15 Jun 2017 18:04:35 +0100
> Ciaran McCreesh wrote:
> > On Thu, 15 Jun 2017 18:55:45 +0200
> > Alexis Ballier wrote:
> > > The guarantee comes from the
On czw, 2017-06-15 at 18:07 +0200, Alexis Ballier wrote:
> On Thu, 15 Jun 2017 17:59:13 +0200
> Michał Górny wrote:
>
> > On śro, 2017-06-14 at 16:09 +0200, Alexis Ballier wrote:
> > > On Wed, 14 Jun 2017 15:57:38 +0200
> > > Michał Górny wrote:
> > > [...]
On Thu, 15 Jun 2017 18:04:35 +0100
Ciaran McCreesh wrote:
> On Thu, 15 Jun 2017 18:55:45 +0200
> Alexis Ballier wrote:
> > The guarantee comes from the fact that the output is always in the
> > space of all possible inputs from the user. So,
On czw, 2017-06-15 at 09:49 -0700, Zac Medico wrote:
> On Thu, Jun 15, 2017 at 12:42 AM, Michał Górny wrote:
> >
> > Following the plan established in GLEP 59, we're long overdue
> > deprecating SHA256. Since we have finally got rid of the last packages
> > lacking SHA512
On czw, 2017-06-15 at 09:08 -0700, Zac Medico wrote:
> On Thu, Jun 15, 2017 at 12:27 AM, Michał Górny wrote:
>
> > The MANIFEST1_REQUIRED_HASH constant is not used anywhere, so it should
> > be possible to remove it safely.
> > ---
> > pym/portage/const.py | 1 -
> > 1 file
On Thu, 15 Jun 2017 18:55:45 +0200
Alexis Ballier wrote:
> The guarantee comes from the fact that the output is always in the
> space of all possible inputs from the user. So, if some output will
> kill a kitten, so does some input.
USE=minimal
USE=mips
USE=-ssl
--
Ciaran
On Thu, 15 Jun 2017 17:45:09 +0100
Ciaran McCreesh wrote:
> On Thu, 15 Jun 2017 18:37:16 +0200
> Alexis Ballier wrote:
> > > So you're saying that at the end of this, there's an ENFORCED_USE
> > > solver that spits out some answer that may or
On Thu, Jun 15, 2017 at 12:42 AM, Michał Górny wrote:
>
> Following the plan established in GLEP 59, we're long overdue
> deprecating SHA256. Since we have finally got rid of the last packages
> lacking SHA512 checksums, we can proceed with that. In order to prepare
> for it,
On Thu, 15 Jun 2017 18:37:16 +0200
Alexis Ballier wrote:
> > So you're saying that at the end of this, there's an ENFORCED_USE
> > solver that spits out some answer that may or may not be in any way
> > a sane solution to the conflict.
> >
> > I don't see how that's helpful
On Thu, 15 Jun 2017 17:32:40 +0100
Ciaran McCreesh wrote:
> On Thu, 15 Jun 2017 18:30:10 +0200
> Alexis Ballier wrote:
> > On Thu, 15 Jun 2017 17:22:26 +0100
> > Ciaran McCreesh wrote:
> > > On Thu, 15 Jun
On Thu, 15 Jun 2017 18:30:10 +0200
Alexis Ballier wrote:
> On Thu, 15 Jun 2017 17:22:26 +0100
> Ciaran McCreesh wrote:
> > On Thu, 15 Jun 2017 18:19:04 +0200
> > Alexis Ballier wrote:
> > > On Thu, 15 Jun 2017 17:13:57
On Thu, 15 Jun 2017 17:22:26 +0100
Ciaran McCreesh wrote:
> On Thu, 15 Jun 2017 18:19:04 +0200
> Alexis Ballier wrote:
> > On Thu, 15 Jun 2017 17:13:57 +0100
> > Ciaran McCreesh wrote:
> > > On Thu, 15 Jun
On Thu, 15 Jun 2017 18:19:04 +0200
Alexis Ballier wrote:
> On Thu, 15 Jun 2017 17:13:57 +0100
> Ciaran McCreesh wrote:
> > On Thu, 15 Jun 2017 18:07:00 +0200
> > Alexis Ballier wrote:
> > > > The best way to convince me
On Thu, 15 Jun 2017 17:13:57 +0100
Ciaran McCreesh wrote:
> On Thu, 15 Jun 2017 18:07:00 +0200
> Alexis Ballier wrote:
> > > The best way to convince me is through valid examples.
> >
> > It is also easier to be convinced when you try to
On Thu, 15 Jun 2017 18:07:00 +0200
Alexis Ballier wrote:
> > The best way to convince me is through valid examples.
>
> It is also easier to be convinced when you try to understand and ask
> for clarifications instead of just rejecting without thinking :)
The problem with
On Thu, Jun 15, 2017 at 12:27 AM, Michał Górny wrote:
> The MANIFEST1_REQUIRED_HASH constant is not used anywhere, so it should
> be possible to remove it safely.
> ---
> pym/portage/const.py | 1 -
> 1 file changed, 1 deletion(-)
>
> diff --git a/pym/portage/const.py
On Thu, 15 Jun 2017 17:59:13 +0200
Michał Górny wrote:
> On śro, 2017-06-14 at 16:09 +0200, Alexis Ballier wrote:
> > On Wed, 14 Jun 2017 15:57:38 +0200
> > Michał Górny wrote:
> > [...]
> > > > [...]
> > > > > > > > >
On śro, 2017-06-14 at 16:09 +0200, Alexis Ballier wrote:
> On Wed, 14 Jun 2017 15:57:38 +0200
> Michał Górny wrote:
> [...]
> > > [...]
> > > > > > > > [1]:https://wiki.gentoo.org/wiki/User:MGorny/GLEP:ReqUse
> > > > > > >
> > > > > > > I really don't like the
On Thu, Jun 15, 2017 at 12:42:33AM +0200, Kristian Fiskerstrand wrote:
> On 06/14/2017 06:11 PM, William Hubbs wrote:
> > Is it time to start thinking about an app-containers category?
> > If so, is it ok for me to start an app-containers category with these
> > packages then we can look into
Hi Michael,
On Sun, Jun 11, 2017, at 16:39 CDT, Michael Brinkman
wrote:
> So I was just wondering if ~arch is ready for more secure defaults on
> the 17.0 profiles in the linker flags. There are several
> distributions which ship RELRO by default and I am not
> [[ ${ret} == true ]]
>
> Would be the canonical bash way.
Updated.
Hi Michael
Am 11.06.2017 um 23:39 schrieb Michael Brinkman:
> Hello, so I've been running Gentoo Hardened for a few years on my
> laptop, my desktop, and a server made from an older desktop.
>
> Because of Grsecurity closing access to its source to non-subscribers,
> I decided that I would just
Dnia 15 czerwca 2017 15:45:10 CEST, Matthias Maier
napisał(a):
>From: Arfrever Frehtes Taifersar Arahesis
>
>Newly added tc-enables-pie(), tc-enables-ssp(), tc-enables-ssp-strong()
>and tc-enables-ssp-all() check macros instead of specs.
>This solution
From: Arfrever Frehtes Taifersar Arahesis
Newly added tc-enables-pie(), tc-enables-ssp(), tc-enables-ssp-strong()
and tc-enables-ssp-all() check macros instead of specs.
This solution also works with older GCC and with Clang.
Signed-off-by: Matthias Maier
OK.
This is a slightly modified version that uses string comparison to form the
result.
Best,
Matthias
On czw, 2017-06-15 at 03:09 -0500, Matthias Maier wrote:
> > > +# @FUNCTION: tc-enables-pie
> > > +# @RETURN: Truth if the current compiler generates position-independent
> > > code (PIC) which can be linked into executables
> > > +# @DESCRIPTION:
> > > +# Return truth if the current compiler
Following the plan established in GLEP 59, we're long overdue
deprecating SHA256. Since we have finally got rid of the last packages
lacking SHA512 checksums, we can proceed with that. In order to prepare
for it, however, we need to change the required hash to SHA512 and make
sure developers
The MANIFEST1_REQUIRED_HASH constant is not used anywhere, so it should
be possible to remove it safely.
---
pym/portage/const.py | 1 -
1 file changed, 1 deletion(-)
diff --git a/pym/portage/const.py b/pym/portage/const.py
index 7e415ba9c..052d4ca2f 100644
--- a/pym/portage/const.py
+++
On śro, 2017-06-14 at 18:15 -0500, Matthias Maier wrote:
> From: Arfrever Frehtes Taifersar Arahesis
>
> Newly added tc-enables-pie(), tc-enables-ssp(), tc-enables-ssp-strong()
> and tc-enables-ssp-all() check macros instead of specs.
> This solution also works with older
35 matches
Mail list logo