gentoo-hardened April 2008 archive
Main Archive Page > Month Archives  > gentoo-hardened archives
gentoo-hardened: Re: [gentoo-hardened] ping solar

Re: [gentoo-hardened] ping solar

From: RB <aoz.syn_at_nospam>
Date: Wed Apr 02 2008 - 15:24:55 GMT

I have to clarify a few points:

On Wed, Apr 2, 2008 at 8:59 AM, 7v5w7go9ub0o <> wrote:
> Had a conversation with aoz in the hardened IRC room yesterday,
> discussing how non-tech types such as I might help the hardened effort;
> 1. He suggested that Bugzilla took a lot of time. How could some of that
> time be outsource to a non-techie?

In particular, replicating user setups in a clean, scientific manner is what is the most time-consuming.

> 2. We discussed the possibility of incorporating links to white-paper
> "status reports" within the current, very-high-quality,
> reluctant-to-tamper-with Gentoo http pages.
I only mentioned whitepapers because that was the level of documentation I'm used to writing; status updates probably should never be in that format. IMO, updates should be integrated into the existing documentation.

> 3. IIUC, the current status is to wait for "upstream" (the gcc folks?)
> to successfully incorporate ssp into c++ compilations? And also that with
> rare exception, little is loss using the older 3.4.6 compiler?
> In those rare cases, gcc can be "slotted" so that 3.4.6 would be the
> default, but 4.x could be called to duty when 3.4.6 won't work?
I'm actually looking for a primary source on the 4.x ssp-for-c++ bit, if anyone has good links. I have everything solar's told us in #-hardened, but people tend to not take third-hand IRC logs too seriously.

Probably the first way to help this would be an update to the FAQ addressing the constant "why don't we have 4.x, and don't tell me 3.4.6 is good enough" question. Not that the OP did that, but many people have. For that matter, many of the docs are slightly out-of-date and could use some TLC. Who would commit the updates if I provided a diff? -- mailing list