hardened Hardened Gentoo 2010-10-25 Hardened Gentoo brings advanced security measures to Gentoo Linux.

Hardened Gentoo is a project which oversees the research, implementation, and maintenance of security oriented projects for Gentoo Linux. We are a team of very competent individuals dedicated to bringing advanced security to Gentoo with a number of subprojects.

Hardened Gentoo's purpose is to make Gentoo viable for high security, high stability production server environments. This project is not a standalone project separated from the rest of Gentoo. Instead, it is intended to be a team of Gentoo developers which are focused on delivering solutions to Gentoo that provide strong security and stability. These solutions will be available in Gentoo once they've been tested for security and stability by the Hardened team.

battousai gengor Zorry blueness quantumsummers Chainsaw nixnut Grsecurity is a complete security solution providing such features as a MAC or RBAC system, Chroot restrictions, address space modification protection (via PaX), auditing features, randomization features, linking restrictions to prevent file race conditions, ipc protections and much more. Transparent implementation of PaX address space layout randomizations and stack smashing protections using ELF shared objects as executables. A kernel which provides patches for hardened subprojects, and stability/security oriented patches. Includes Grsecurity and SELinux. Bastille is an interactive application which gives the user suggestions on securing their machine. It will be customized to make suggestions about other Hardened Gentoo subprojects. Introduction to Hardened Gentoo Hardened Frequently Asked Questions Hardened Roadmap Hardened Debugging Hardened Debugging Using Xorg with Hardened Hardened Toolchain Technical Description A quickstart covering PaX and Hardened Gentoo PaX Utils Grsecurity2 QuickStart Guide Capabilities Listing PIC Intro (beginner) PIC Internals (intermediate) PIC Fixing (advanced) GNU Stack Quickstart I Want to Participate

To participate in the Hardened Gentoo project first join the mailing list at gentoo-hardened@lists.gentoo.org. Then ask if there are plans to support something that you are interested in, propose a new subproject that you are interested in, choose one of the planned subprojects to work on or simply ask if you can help with something. You can also talk to the developers and users in the IRC channel #gentoo-hardened on irc.freenode.net for more information or just to chat about the project or any subprojects.

If you think you don't have the knowledge or abilities to help, then try reading the current documents (there are always sections that can be improved or typos which we miss) and when you feel brave enough then try writing those documents you missed. Usually this only requires some internet research on your side and after some documents you'll most probably be able to help with other things you though you weren't able before.

Also, if you don't have time to actively help by contributing work we will always need testers to maintain the security and stability of the overall product. All development, testing, and productive comments and feedback will be greatly appreciated.