paxctl -m disables important PaX security features. The jit USE flag is already disabled by default for webkit-gtk on hardened, so I think that PaX-marking epiphany executable should be left for the end-user (as is done with midori, for instance).
Relevant: bug #407085, bug #404215.
Good point. Fixed in epiphany-3.4.0.1; if you want the full PaX protection, you can emerge it with USE=-jit. >*epiphany-3.4.0.1 (14 Apr 2012) > > 14 Apr 2012; Alexandre Rostovtsev <tetromino@gentoo.org> > +epiphany-3.4.0.1.ebuild: > Version bump with a much improved history storage and a new gtk3.4-style > application menu. Add a new jit USE flag to control whether to relax memory > protection on PaX systems and allow using jit-enabled webkit-gtk (bug > #410617, thanks to Maxim Kammerer for reporting).