USE=xattr is needed nowadays to support: - filesystem caps (those things that let you drop set*id and generally improves system security w/little to no runtime overhead) - PaX file markings (replaces binutils ELF markings) - selinux
we actually have USE=filecaps on by default already, and catalyst hard requires tar[xattr] in order to work. the hardened profile also package.use.force's this flag on for some core packages. not too many packages actually utilize this flag, and when they do, it's to pull in the attr package which clocks in at <200 KiB. the runtime overhead tends to be low to non-existent as xattrs tend to be used only when requested. when support is not available in the FS or kernel, packages should generally fall back gracefully. anyone opposed to flipping this flag on by default ? reference: https://bugs.gentoo.org/506198 https://bugs.gentoo.org/556408 -mike
signature.asc
Description: Digital signature
