Gentoo Archives: gentoo-hardened

From: "Anthony G. Basile" <basile@××××××××××××××.edu>
To: gentoo-hardened@l.g.o
Subject: [gentoo-hardened] Cleaning up the hardened profiles
Date: Sun, 27 Jan 2013 14:32:29
Message-Id: 51053A73.9010602@opensource.dyc.edu
1 Hi everyone,
2
3 The number of profiles in gentoo is growing *again* with the addition of
4 release 13.0 profiles. Because of the way stacking works, adding these
5 to hardened means a repetition of code in a way that is not good. I'll
6 decide how to proceed in a week or so, let everyone know and then
7 implement something. Right now I'm leaning towards "test" profiles for
8 amd64 and x86 and after some good period of testing (6 months?) just
9 switch all of hardened from 10.0 to 13.0.
10
11 While I'm at the business of rethinking the profiles, I've been
12 wondering, does anyone use the /desktop, /developer, /server sub
13 profiles? I've officially only listed the following
14
15 [18] hardened/linux/amd64 *
16 [19] hardened/linux/amd64/selinux
17 [20] hardened/linux/amd64/no-multilib
18 [21] hardened/linux/amd64/no-multilib/selinux
19
20 for amd64, and similarly for other arches. But there also exist
21 profiles like:
22
23 hardened/linux/amd64/desktop
24 hardened/linux/amd64/developer
25 hardened/linux/amd64/server
26
27 for ia64, ppc, ppc64 and x86. I didn't even bother to add these for
28 mips or arm. These are not listed in profiles.desc, so you can't
29 eselect them, but a user could manually create those links.
30
31 If no one is using them, I'll mark them deprecated, and dump them in a
32 month or two.
33
34 Comments?
35
36
37 --
38 Anthony G. Basile, Ph. D.
39 Chair of Information Technology
40 D'Youville College
41 Buffalo, NY 14201
42 (716) 829-8197

Replies

Subject Author
Re: [gentoo-hardened] Cleaning up the hardened profiles Tully Gray <tullygray@×××××××.au>
Re: [gentoo-hardened] Cleaning up the hardened profiles Alexander Tsoy <alexander@××××.me>
Re: [gentoo-hardened] Cleaning up the hardened profiles Ron Adee <rnad1000@×××××.com>
Re: [gentoo-hardened] Cleaning up the hardened profiles Matthias-Christian Ott <ott@×××××.org>
Re: [gentoo-hardened] Cleaning up the hardened profiles "Tóth Attila" <atoth@××××××××××.hu>
[gentoo-hardened] Clarification on "Cleaning up the hardened profiles" "Francisco Blas Izquierdo Riera (klondike)" <klondike@g.o>