Hardened Gentoo Roadmap

Adam Mondl @@ -46,28 +61,366 @@ Hardened Gentoo project. 2011-05-22 =20 -Short-Term Goals +Vision +

+ + + + +

+Within Gentoo Linux, the Gentoo Hardened project wants to be a shepherd = for all +security oriented projects. The project wants to make Gentoo viable for = highly +secure, high stability production environments.=20 +

+ + +

+ + + +Strategy +

+Introduction + + + + +

+In order to succesfully strive towards our vision, Gentoo Hardened aims = to +provide subprojects that test, develop, enhance, implement and integrate= =20 +specific security measures in Gentoo Linux. Although each of these proje= cts has +operational responsibilities (after all, the technologies that they supp= ort are +used by users all around) they continue to research and develop, making = Gentoo +Linux even better than it is today. +

+ +

+The direction that each of these projects is heading towards is describe= d in +their roadmap, a combination of strategic directions and shorter = term +milestones. These roadmaps are combined in this very document, allowing = users to +get a general overview of where Gentoo Hardened is evolving towards. +

+ + +

+Documentation + + +

+Documentation is Gentoo Hardened's first asset that users come in contac= t with. +It is important that Gentoo Hardened's documentation is well structured,= easily +accessible and correctly written. Although we currently focus on technic= ally +educated users and system administrators, this focus should not lower ou= r +responsibility of creating the necessary documents to guide new users in= Gentoo +Hardened's realms. +

+ + +

+Vulnerability Mitigation + + +

+Users use a toolchain, a set of libraries and tools like compiler= s, +linkers and more, to build their systems with. To fight potential +vulnerabilities and future exploits, Gentoo Hardened maintains a toolcha= in that +supports additional security-enhancing features like SSP, PIE and PIC. +Our focus is to enhance and maintain this toolchain and help the integra= tion of +these security-enhancing patchsets within the upstream communities so th= at the +benefits are available for all Linux users. +

+ +

+Yet toolchains are not the only method where risks can be reduced. Speci= fic +patch sets that enhance Linux' security-related capabilities exist, such= as +PAX, that help users mitigate the risk of succesful exploitation of +vulnerabilities. Gentoo Hardened positions and integrates these patches = in the +distribution. +

+ + +

+Access Control + + +

+Although definitely not the only security component of a system, proper = access +control is a prerequisite for a safer environment. Within Gentoo Hardene= d, +support of proper access control systems is important, and reflected in = our +choices of enhanced development of SELinux, grSecurity RSBAC and more. +

+ + +

+Architecture Support + + +

+The current primary development activities take place within the popular= and +commodity architectures x86 and amd64 (x86_64). Yet many other architect= ures +exist, especially within the server and embedded/mobile environments. Th= ese +architectures need to be properly supported as well. +

+ + +

+Staffing + + +

+In order to sustain or even grow our research and development pace and k= eep +supporting operational tasks and help out users, the Gentoo Hardened tea= m is +always looking for fresh blood. Users who take a proactive approach to f= inding +places for improvement and filling in the holes should and will be notic= ed and +probably recruited. Yet recruitment is not mandatory to help out our pro= ject.=20 +The necessary resources are put in place to let contributors efficiently= help=20 +out the project. +

+ + +

+ + + +Documentation Goals and Milestones

-Hardened Toolchain +Current State =20

-Now is the time to take a step back and examine the work that has been d= one so -far. A review of the current approach that the hardened toolchain takes = is -needed. There may be ways to strengthen the current implementation or ar= eas of -code that can be cleaned up to allow changes to be pushed upstream easie= r. +The Gentoo Hardened project is currently lagging behind a bit on documen= tation. +Recent upstaffing and contributions have helped this out, but we still n= eed to +focus on the toolchain documentation (both toolchain-specific documentat= ion +as wel as documents that relate to the toolchain) such as SSP, PIE and P= IC +information.

=20

-As a side effect of the previous hardened toolchain, many ebuilds curren= tly -filter hardened CFLAGS such as -fPIE and -fstack-protector. Work will al= so be -dedicated to reviewing those packages and seeking alternate solutions fo= r the -filters. +Also, comparative documents should be written to explain the choices tha= t Gentoo +Hardened has made, such as tool selection.

=20

+Goals and Milestones + + + + + + + + + + + + + + Document the Hardened Toolchain + + In Progress + Zorry + + + + Comparative analysis of security approaches taken by distributions= + + Unassigned + + + + + Rework grSecurity documentation + + Unassigned + + + + + Update/rewrite propolice documentation + + Unassigned + + + +

Description	ETA	Status	Coordinator(s)	Related Bugs

+ + +

+ =20 + +Hardened Toolchain Goals and Milestones +

+Current State + + +

+Our toolchain so far has seen a tremendous evolution. Some of the integr= ated +patches have been accepted upstream (like SSP), but work can still impro= ve. +To allow changes to be pushed upstream more easily, we might need improv= ements +on the ways to strengthen the current implementation, and work on the ar= eas of +code that need clean-up. +

+ +

+Our next steps are to take a step backwards and examine the work that ha= s been +done so far. We need to improve our existing documents, but also review = the +packages available in the Portage tree and help out the package maintain= ers in +handling CFLAG filters for a hardened toolchain in a proper way. +

+ + +

+Goals and Milestones + + + + + + + + + + + + + + + x86 support + + In place + Zorry + + + + amd64 (x86_64) support + + In place + Zorry + + + + sparc32 support + + Unassigned + + + + + sparc64 support + + Unassigned + + + + + ppc support + + In place + nixnut, Zorry, blueness + + + + ppc64 support + + In place + blueness + + + + s390 support + + Unassigned + + + + + hppa support + + Unassigned + + + + + arm support + + In progress + blueness + + + + mips support + + In progress + blueness + + + + ia64 support + + In place + Zorry, blueness + + + + + + + Document the toolchain feature set + + In progress + + + + + Describe the grSecurity RBAC system + + Unassigned + + + + + + + + Release hardened-sources-2.6.37 + + Done + blueness + + +

Description	ETA	Status	Coordinator(s)	Related Bugs
Improve and sustain support for multiple architectur= es
Enhance documentation
Kernel development and maintenance

+ + + + +

+ + + +Short-Term Goals

Access Control Systems @@ -132,115 +485,8 @@ contact us. =20 -Long-Term Goals -

-Documentation - - -

-The Hardened Gentoo Project is currently very lacking in documentation. = The -hardened toolchain needs to be documented fully, and older documents tha= t have a -relationship to the toolchain need to be updated, such as the SSP, PIE,= and PIC -documents. Also, comparative documents should be written to explain the = choices -that Hardened Gentoo has made in deciding which security tools to suppor= t and -which not to support. -

- - -

- -

-Support More Architectures - - -

-A long-term goal of the Hardened Gentoo Project is to support all of the -architectures that are officially supported by Gentoo. The only strong s= upport -that exists at the moment is for x86 and amd64. -

- -

-The hardened toolchain supports x86, amd64, ppc, ppc64, arm, ia64 and wo= uld like -to extend support to sparc and similar architectures. With access to dif= ferent -kinds of hardware, hardened support can slowly be extended to those -architectures as well. -

- - -

- -

-Expand the Hardened Team - - -

-There will always be unfinished tasks for the Hardened Team. Users who t= ake a -proactive approach to finding places for improvement and filling in the = holes -will be noticed and probably recruited. Current Hardened Team members wi= ll be -responsible for training new developers to fill new roles. If you are in= terested -in helping out, stop by the IRC channel and let someone know what you ar= e -interested in and what you will be doing about it. -

- -

-Input/peer review should always be welcome as it helps everyone out in t= he long -run. -

- - - -

- - - Roadmap Tracking

-Hardened Toolchain - - - - - - - - x86 SupportzorryComplete - - - amd64 SupportzorryComplete - - - sparc32 SupportUnassigned - - - sparc64 SupportUnassigned - - - ppc Supportnixnut,zorry,bluenessComplete - - - ppc64 SupportbluenessComplete - - - s390 SupportUnassigned - - - hppa SupportNot supported - - - arm SupportbluenessIn progress - - - mips SupportbluenessIn progress - - - ia64 Supportzorry,bluenessComplete - -

Description	Coordinator(s)	Status

- - -

- -

Hardened GCC =20 @@ -266,27 +512,6 @@ run.

=20

-Hardened Toolchain - - - - - - - - Document the feature setnoneIn Progress - - - Describe the RBAC systemnoneUnassigned - - - Release hardened-sources-2.6.37bluenessComplet= e - -

Description	Coordinator(s)	Status

- - -

Hardened Sources =20 @@ -383,31 +608,6 @@ run.

=20 -

-Documentation - - - - - - - - Comparative analysis of security approaches taken by distributio= ns. - Unassigned - - - Rework Grsecurity DocumentationUnassigned - - - Update/Rewrite Propolice DocumentationUnassign= ed - - - Document the Hardened ToolchainzorryIn Progres= s - -

Description	Coordinator(s)	Status

- - -

=20