Gentoo Archives: gentoo-dev

From: Francesco Riosa <vivo75@×××××.com>
To: gentoo-dev@l.g.o, "Anthony G. Basile" <blueness@g.o>
Subject: Re: [gentoo-dev] Regarding the State of PaX in the tree
Date: Mon, 16 Apr 2018 14:26:30
Message-Id: 9ff386e1-ae2f-c026-e4bb-9229e7689fa9@gmail.com
In Reply to: Re: [gentoo-dev] Regarding the State of PaX in the tree by "Anthony G. Basile"
On 16/04/2018 14:31, Anthony G. Basile wrote:
> On 4/16/18 5:14 AM, Hanno Böck wrote:
[snip]
>
>>
>> There's also another question related to this: What's the future for
>> Gentoo hardened?
>> From what I can tell hardened consists of:
>> * the things that try to make it compatible with grsec/pax
>> (more or less obsolete).
>> * things that are now in default profiles anyway (aslr, stack
>> protector).
>> * things that probably should be in default profiles (relro, now linker
>> flags)
>> * -fstack-check, which should eventually be replaced with
>> -fstack-clash-protection (only available in future gcc's) and that
>> should probably also go into default profiles.
>> * Furthermore hardened disables some useful features due to their
>> incompatibility with pax (e.g. sanitizers).
>>
>> So it's stuff that either is obsolete or probably should be a candidate
>> for main profiles. Maybe we should strive for "hardened-by-default".
>>
> You're forgetting selinux. Most of Zorry's work has made it into gcc
> and is now being enabled by our default toolchain. Some kernel features
> have also been improved upstream. With upstream carrying a lot of the
> work we did, I think 'hardened-by-default' minus selinux should be the
> goal of Gentoo.
>
Hardened had a strong impact in some workflows, surpassing 10%.
Overhead could be acceptable in some situations but unwanted in others;
main profiles are obscure and difficult to change for most.
For this reason I'd like to ask to carefully evaluate if a security
feature can be enabled without suddenly changing the behaviour (worse
performance) of a machine running Gentoo.
Instead it would be good to have a guide on how to further harden any
profile.
If the hardening at any cost argument wins, however, we MUST have a guide
on how to disable at least the most impactful options.