1 |
hardened-dev-sources-2.6 is available for "testing" |
2 |
|
3 |
Here is what you can get for the rock bottom |
4 |
bargain price of zero dollars and zero cents. |
5 |
|
6 |
* linux-2.6.4 |
7 |
(the kernel of course) |
8 |
|
9 |
* grsec-core-2.0 |
10 |
(vanilla snapshot from last night) |
11 |
|
12 |
* grsec extras |
13 |
(the ability to audit text relocations) |
14 |
|
15 |
* pax-status |
16 |
(displays runtime pax flags in /proc/#pid/status) |
17 |
|
18 |
* selinux-hooks |
19 |
(these allow selinux to hook directly into pax for policy enforcement) |
20 |
|
21 |
* selinux-ipaddr |
22 |
(this allows selinux to track ip address via policy or something) |
23 |
|
24 |
* netdev-rand-core |
25 |
(framework that allows net devices to seed to the entropy pool) |
26 |
|
27 |
* netdev-rand-drivers |
28 |
(drivers that actually do the entropy seeding) |
29 |
|
30 |
I'd like to thank cluckj from irc.freenode.net/#gentoo-hardened for |
31 |
testing almost every iteration of this while I was putting it together |
32 |
last night. (thanks bud). I'd also like to thank albeiro as well for |
33 |
porting the netdev-rand stuff and accepting to become the maintainer of |
34 |
those patches. Oh and of course I'd like to thank the usual list of |
35 |
suspects.. |
36 |
|
37 |
Other than that happy bug hunting. If something does not work join the |
38 |
hardened channel and pick a random nick and blame them cuz I'll plead |
39 |
the 5th :) |
40 |
|
41 |
Oh wait one more thing.. If you really care about security you probably |
42 |
should stick with 2.4.x |
43 |
|
44 |
-peace |
45 |
|
46 |
-- |
47 |
Ned Ludd <solar@g.o> |
48 |
Gentoo Linux Developer |