On Sat, 21 Feb 2015 02:44:54 +0300 Andrew Savchenko wrote: > Hello, > > at this moment 8 packages uses "seccomp" flag: > > app-admin/clsync > app-emulation/qemu > app-emulation/lxc > net-dns/bind > net-misc/tlsdate > net-misc/tor > net-misc/lldpd > sys-apps/systemd > > for the very same reason: enable seccomp filtering to improve > security. Some of them use seccomp directly via system calls, while > other rely on sys-libs/libseccomp, but this should have no > difference for users. > > I propose to add global "seccomp" USE flag as follows: > > seccomp - Enable seccomp for system call filtering > > and remove local descriptions for affected packages. > > Comments?
Ping. If there are no objections, I'll commit the following changes in a week: 1) Add global seccomp flag with description above. 2) Remove local seccomp descriptions from metadata of the packages listed above. Best regards, Andrew Savchenko
pgprlOeGKFb_k.pgp
Description: PGP signature
