Re: Building a distribution from source?

[Steve Kemp <skx@debian.org>]

On Fri, Dec 05, 2003 at 10:20:19AM +0100, Javier Fern?ndez-Sanguino Pe?a wrote:

> > I believe that our GCC packages already have propolice patched in but not 
> > enabled.  Therefore it should be a much easier change to make for it to be 
> > included.
> 
> This is true, debian/patches has a line for propolice (currently commented 
> out)

  I've just spent several hours building a version of gcc v3.3 with this
 enabled, and tested it out on some packages.

  So far it appears to work, it will abort "attacks" and it hasn't
 demonstrated any obvious side effects.  I'm not sure that I can use it
 in practise, I will have to see how easy it is to get built under
 Debian Stable which really is my target environment.

  I'll continue playing with it and try to test it with more packages,
 reporting back here if there's anything interesting to say.

> "They're large patches, with no testing on most architectures.  They
> touch platform independent code.  If it really did do nothing without
> the option, and we were convinced of that, then maybe they could be
> applied - I'm not convinced."

  The naive thing for me to say is that no testing will happen until
 it is enabled and deployed.  I'm sure this has been considered though
 ..

Steve
--