Hi fellow hardened devs:
I'm sorry for missing the meeting but things came up and the day got
hectic. It is an important meeting because we were to discuss:
1) what we want with toolchain.eclass - There is a move to get rid of
the eclas because it is "messy". This is probably a bad thing in
general and especially for hardened so we should discuss the pros and
cons and what we want.
2) what to do about tar and POSIX capabilities in the context of
building stage3's. Utilities like ping that used to be setuid to root
are now just using posix caps. But preserving xattrs with tar is
tricky. Since we dealt with this for the user.pax.* xattr namespace
jmbsvicetto asked us to look at security.capability. However, the issue
may now be mute because I just got a message from him that
tar --xattrs --xattrs-include=security.capability
--xattrs-include=user.* --acls -xjpvf
works to get us all the xattr goodies we need for hardened and gentoo in
general.
We should try to discuss 1 soon-ish before Cthulu awakens and madness
reigns in gentoo.
--
Anthony G. Basile, Ph. D.
Chair of Information Technology
D'Youville College
Buffalo, NY 14201
(716) 829-8197
