| 1 |
Why did you add ssp in CFLAGS?, why not using specs directly?. I only |
| 2 |
added -D_FORTIFY_SOURCE=2 in CFLAGS. glibc doesn't compile with |
| 3 |
-fstack-protector-all in the CFLAGS, so you should switch to the |
| 4 |
-fstack-protector to compile which is less secure than using specs |
| 5 |
which compile with -fstack-protector-all which could be done. |
| 6 |
|
| 7 |
2009/5/20 basile <basile@××××××××××××××.edu>: |
| 8 |
> |
| 9 |
> Hello everyone, |
| 10 |
> |
| 11 |
> I'd like to announce that a new release of Tin Hat is out. Tin Hat is a |
| 12 |
> fully featured Linux desktop based on Hardened Gentoo which runs purely |
| 13 |
> in RAM. It aims to be very secure, stable, and fast. |
| 14 |
> |
| 15 |
> This release concentrates primarily on updating the hardened tool chain, |
| 16 |
> and no changes were made to the kernel since the last release. The |
| 17 |
> system was completely recompiled using hardened Gentoo's stock gcc-4.3.3 |
| 18 |
> plus stack-protection added via the CFLAGS and CXXFLAGS in make.conf. |
| 19 |
> Extensive testing of the most used services and apps gave no issues with |
| 20 |
> the exception of Evolution which required lazy linking. |
| 21 |
> |
| 22 |
> As with every release, we sync-ed upstream with Gentoo. Major package |
| 23 |
> updates include coreutils, util-linux, and xorg-server and its |
| 24 |
> drivers/libs. Firefox was also update to the more secure 3.0.10. |
| 25 |
> |
| 26 |
> Home page: http://opensource.dyc.edu/tinhat |
| 27 |
> Downloads: http://opensource.dyc.edu/tinhat-downloads |
| 28 |
> |
| 29 |
> -- |
| 30 |
> |
| 31 |
> Anthony G. Basile, Ph.D. |
| 32 |
> Chair of Information Technology |
| 33 |
> D'Youville College |
| 34 |
> Buffalo, NY 14201 |
| 35 |
> USA |
| 36 |
> |
| 37 |
> (716) 829-8197 |
| 38 |
> |
| 39 |
> |
| 40 |
> |
| 41 |
> |
Archives