More specifically, Portage. I know use flags and “optimization” are all the hype, but really, would the average user even see a benefit from customizing all their use flags? Especially a benefit that compensates for the constant compilation?
I installed it once to help grow my e-peen, but immediately switched back to Arch after watching my system compile.
Those who daily drive it, do compilation and use flags annoy you, and do you see any real benefit?
You still need all the tools needed to compile, which you don’t need if you only use binaries. The resulting binary might be smaller, but the overall process is much larger.
Unless you are going to do a security audit on each step of the build process, I don’t see how you are reducing the attack surface.
Most people have some compilation tools installed on a binary-based Linux. The tool chain, yes, would increase the surface too, but being able to entirely remove specific parts of the OS, or say kernel code that is entirely unused, reduces your surface. You can’t exploit code that isn’t there.
Go through this https://www.gentoo.org/support/security/