1 |
On Fri, 2003-11-21 at 05:16, Viktors Rotanovs wrote: |
2 |
> Hi, |
3 |
> |
4 |
> few questions for the list. |
5 |
> What's the status of hardened stages? |
6 |
> Readme file states that they're not ready for production use yet - is it |
7 |
> possible to disable some features and use them for production anyway? |
8 |
|
9 |
I think they are fairly stable, I've been running a webserver for a few |
10 |
weeks built from the the stages. In reality not much changes in the |
11 |
hardened stages vs default-x86-1.4 ones. It's basically a rebuild of |
12 |
system with a hgcc enabled userland. |
13 |
|
14 |
They wont be ready for production use till we have a way to make gentoo |
15 |
truly support pamless installs as we would like to turn pam off at the |
16 |
stage1 and leave it to the admin to decide if she/he wants to use pam or |
17 |
not.. Right that leaves us with just shadow5 in the way. Other than that |
18 |
we just need people testing them. |
19 |
|
20 |
|
21 |
|
22 |
|
23 |
> Does it make sense to use hardened gcc together with GRSecurity |
24 |
> (segment-based protection is turned on)? |
25 |
> |
26 |
yes |
27 |
|
28 |
> Hope that's not too much for one e-mail :) |
29 |
> |
30 |
> Best Wishes, |
31 |
> Viktors |
32 |
> |
33 |
> PS: is this list archived somewhere? |
34 |
> |
35 |
> |
36 |
> -- |
37 |
> gentoo-hardened@g.o mailing list |
38 |
|
39 |
-- |
40 |
Ned Ludd <solar@g.o> |
41 |
Gentoo Linux Developer |