# Copyright 1999-2004 Gentoo Foundation. # Distributed under the terms of the GNU General Public License v2 # $Header: /var/cvsroot/gentoo-x86/profiles/hardened-x86-2004.0/make.defaults,v 1.9 2005/01/12 22:49:19 spyderous Exp $ GRP_STAGE23_USE="x86 berkdb crypt readline nls ssl tcpd zlib pam pic pie hardened" # defaults for a hardened system # pam added until bug 10135 is fixed USE="x86 berkdb bitmap-fonts font-server crypt readline nls ssl tcpd type1-fonts truetype-fonts zlib pam pic pie hardened" ARCH="x86" ACCEPT_KEYWORDS="x86" # # FEATURES are settings that affect the functionality of portage. Most of # these settings are for developer use, but some are available to non- # developers as well. # # 'sandbox' enable sandbox-ing when running emerge and ebuild # 'sfperms' feature for security minded people that causes portage to # remove group+other readable bits on setuid files and # remove the other readable bits on setgid files. # 'strict' causes portage to react strongly to conditions that # have the potential to be dangerous -- like missing or # incorrect Manifest files. # 'userpriv' allows portage to drop root privleges while it is compiling # as a security measure, and as a side effect this can remove # sandbox access violations for users. # 'usersandbox' enables sandboxing while portage is running under userpriv. # unpack -- for debugging purposes only. # FEATURES="sandbox sfperms strict" #FEATURES="sandbox sfperms strict userpriv usersandbox"