On Mon, Nov 01, 2010 at 08:41:34PM +0300, Peter Volkov wrote: > В Вск, 31/10/2010 в 16:38 +0200, Alex Alexander пишет: > > On Sun, Oct 31, 2010 at 11:50:02AM +0000, Markos Chandras wrote: > > > On Sat, Oct 30, 2010 at 10:59:08PM -0400, Richard Freeman wrote: > > > > Isn't this essentially what the default profile is? Basically server is > > > > just default + USE="apache2 ldap mysql snmp truetype xml". > > > Well it shouldn't be like that. And if the default profile is pretty > > > much the same as the server one, then please consider removing the > > > server profile as it makes no sense then > > > > Please don't. The fact that there are only a few changes doesn't make it > > useless. Also, you'd be forcing all users currently using the profile to > > migrate without any real reason. > > But what is the target group of this profile? It sets only 6 USE flags > that are really useless on half of servers (e.g. VPN/mail server). I'd > better set only -perl -python there to make servers less dependent on > python/perl updaters and decrease rebuilds for servers. Also it's good > idea to make them hardened only as hardened works very well for > servers. > > -- > Peter. > > Errr no. There are also home based fileservers, media servers, routers, radio servers blah blah blah. Not everyone needs the hardened toolchain/kernel/security/etc. The target group are lightweight servers for home or SOHO usage, file sharing, nfs, etc. I maintain such a server group so I am talking based on personal experience. As I said before server usage is not always security oriented. Yes, perhaps using -python/-perl might be good. -- Markos Chandras (hwoarang) Gentoo Linux Developer Web: http://hwoarang.silverarrow.org Key ID: 441AC410 Key FP: AAD0 8591 E3CD 445D 6411 3477 F7F7 1E8E 441A C410
pgpAVjdhSzEuz.pgp
Description: PGP signature
