[OE-core] [PATCH 1/2] security_flags: turn potential string format security issues into an error
Khem Raj
raj.khem at gmail.com
Thu Apr 28 16:42:01 UTC 2016
> On Apr 28, 2016, at 9:39 AM, Richard Purdie <richard.purdie at linuxfoundation.org> wrote:
>
> On Thu, 2016-04-28 at 09:35 -0700, Khem Raj wrote:
>>> On Apr 28, 2016, at 9:22 AM, Richard Purdie <
>>> richard.purdie at linuxfoundation.org> wrote:
>>>
>>> On Thu, 2016-04-28 at 08:58 -0700, Khem Raj wrote:
>
>>>> Can we use _remove operation instead of introducing a new
>>>> variable
>>>> and emptying it out here.
>>>
>>> I actually suggested we do the above. The reason is that this way,
>>> the
>>> user can configure which flags they actually want to use. "remove"
>>> also
>>> has the problem that its near impossible for the user to override
>>> further.
>>>
>>
>> Thats right, and I was of the view that security flags should be one
>> set
>> and not offered at combination of multiple options, we just end up
>> increasing
>> the test matrix.
>
> OE-Core will continue to test with all of them, I think its better
> thantpeople can disable part of this, than have to disable everything
> for their layer though?
>
I see your viewpoint. Mine was to not offer that option at all.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 204 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.openembedded.org/pipermail/openembedded-core/attachments/20160428/480f937b/attachment-0002.sig>
More information about the Openembedded-core
mailing list