On Thu, Jul 11, 2013 at 12:43:36AM -0400, DJ Delorie wrote:
> Stack protector is not a new requirement in Fedora. It's been part of
> the distribution for years.
xterm has been part of the distribution for years also, but it's not a
release requirement.
The assumption has always been that all primary architectures embody the
same level of functionality, with the exception of fundamental
differences between the architectures. If things that are currently
supported by the primary architectures cease to be supported by the
primary architectures, that's a strong argument that they're not
fundamental to Fedora. For example, in the absence of hardware nx
support, I wouldn't argue that ARM should be forced to implement
execshield - both because it's fundamentally tied to 32-bit x86, and
because we've given up on supporting it. But yes, if ARM wanted to ship
without xterm while the other primary architectures supported it, I'd
say that that would be a blocker for shipping ARM as a primary
architecture.
I think what's been missed here is that the secondary architecture
promotion guidelines were intended to be an addition to common sense
rather than a replacement for it. They didn't seek to be an exhaustive
list of things that had to be present for something to be a PA - they
were an attempt to shape out the grey areas. A primary architecture
should include everything that one could reasonable expect to be present
in Fedora, which includes security features.
--
Matthew Garrett | mjg59(a)srcf.ucam.org