1 |
-----BEGIN PGP SIGNED MESSAGE----- |
2 |
Hash: SHA1 |
3 |
|
4 |
Hi all, |
5 |
|
6 |
2005.1 has now been officially released and here's what you can expect |
7 |
to find related to Hardened: |
8 |
|
9 |
- - x86 stages for both the 2.4 and 2.6 kernel profiles [1] |
10 |
- - expiremental amd64 non-multilib stages [2] |
11 |
- - x86 SELinux stages for both the hardened and non-hardened profiles [3] |
12 |
- - an x86 hardened livecd [4]. |
13 |
|
14 |
[1] releases/x86/2005.1/stages/x86/hardened/ |
15 |
[2] experimental/amd64/hardened/stages/ |
16 |
[3] experimental/x86/hardened/stages/ |
17 |
[4] experimental/x86/hardened/livecd/ |
18 |
|
19 |
Alternative to finding everything on the mirrors, it's available through |
20 |
bittorrent at http://tracker.netdomination.org/. |
21 |
|
22 |
The x86 hardened stages are much the same as always, just newer than the |
23 |
old. |
24 |
|
25 |
The new SELinux stages should be a bit refreshing as they are the first |
26 |
since November 2004. A fresh install should now remain fresh a little |
27 |
longer avoiding the need to upgrade everything right away. |
28 |
|
29 |
The amd64 profile has undergone some changes recently while building the |
30 |
stages. Testing of the stages would be greatly appreciated so that |
31 |
hopefully amd64 can be more well supported. It's important to note that |
32 |
the hardened/amd64 profile is strictly non-multilib, as are the stages. |
33 |
|
34 |
The x86 hardened livecd has undergone some changes and polishing since |
35 |
the earlier expiremental releases. Apart from all the forensics and |
36 |
network tools previously found on the CD, it now features an RSBAC |
37 |
kernel as well as enforcing policy, and a SELinux kernel, which when |
38 |
booted makes the CD suitable for performing SELinux installs, the latest |
39 |
CD able to do so since June 2004. |
40 |
|
41 |
It's important to note that when running the CD with the SELinux kernel, |
42 |
SELinux should not be put into enforcing mode. In all likelihood, it'll |
43 |
lockup fast and hard. |
44 |
|
45 |
I plan to release, via xdelta, and fresh ISO's, updates to the CD on a |
46 |
somewhat regular basis looking at between 1-2 months between 'official' |
47 |
releases, to make updates for the kernel as well as for other security |
48 |
issues bound to crop up in other packages. |
49 |
|
50 |
As usual, all bug reports should go to bugzilla [5], and be filed under |
51 |
the 'Gentoo Linux' product with 'Hardened' selected as the component. |
52 |
For the LiveCD, please report bugs in the 'Gentoo LiveCD (all flavors)' |
53 |
product with 'Hardened' selected as the component. |
54 |
|
55 |
[5] https://bugs.gentoo.org/ |
56 |
|
57 |
Share and enjoy, |
58 |
|
59 |
- - Robert Paskowitz <r2d2@g.o> |
60 |
|
61 |
|
62 |
P.S. This e-mail has been sent to both gentoo-dev and gentoo-hardened |
63 |
mailing lists, please bring all discussion to gentoo-hardened@g.o. |
64 |
-----BEGIN PGP SIGNATURE----- |
65 |
Version: GnuPG v1.4.1 (Darwin) |
66 |
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org |
67 |
|
68 |
iD8DBQFC+mOjZwjIiODIZ4oRAnzXAJwKsgc8xEBmkNDeGJCPqEYC8mhbswCdHx/L |
69 |
7cWJuLDYxtQzqXhUHsu6MHA= |
70 |
=Njgy |
71 |
-----END PGP SIGNATURE----- |
72 |
-- |
73 |
gentoo-hardened@g.o mailing list |