From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 4.0.0 (2022-12-14) on finch.gentoo.org X-Spam-Level: X-Spam-Status: No, score=-0.1 required=5.0 tests=DMARC_NONE,MAILING_LIST_MULTI autolearn=unavailable autolearn_force=no version=4.0.0 Received: from red.ces.clemson.edu (red-pc.ces.clemson.edu [130.127.222.102]) by chiba.3jane.net (Postfix) with ESMTP id 58FCA255AF for ; Tue, 8 Jan 2002 09:26:52 -0600 (CST) Received: by red.ces.clemson.edu (Postfix, from userid 1000) id D94BF10017; Tue, 8 Jan 2002 10:27:15 -0500 (EST) Subject: Re: [gentoo-dev] Secure Gentoo - What do you think? From: Grant Goodyear To: gentoo-dev@gentoo.org In-Reply-To: <20020108142742.38c480cb.styx@SuxOS.org> References: <20020107171359.45792cdb.styx@SuxOS.org> <1010487111.773.2.camel@fluffy> <20020108142742.38c480cb.styx@SuxOS.org> Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-Ng5cYckJiKIB8g+5t2Xo" X-Mailer: Evolution/1.0 (Preview Release) Date: 08 Jan 2002 10:27:15 -0500 Message-Id: <1010503635.25864.0.camel@red.ces.clemson.edu> Mime-Version: 1.0 Sender: gentoo-dev-admin@gentoo.org Errors-To: gentoo-dev-admin@gentoo.org X-BeenThere: gentoo-dev@gentoo.org X-Mailman-Version: 2.0.6 Precedence: bulk Reply-To: gentoo-dev@gentoo.org List-Help: List-Post: List-Subscribe: , List-Id: Developer discussion list List-Unsubscribe: , List-Archive: X-Archives-Salt: 61e68a39-8974-48cb-b768-844ac6008eba X-Archives-Hash: 5c620041f6f25218b183cd4b9d7a5530 --=-Ng5cYckJiKIB8g+5t2Xo Content-Type: text/plain Content-Transfer-Encoding: quoted-printable > I was planning to use Gentoo as a base, kind of, and make "secure" Portag= e > packages (with safe defaults etc., plus a few packages that aren't made f= or > Gentoo yes (AFAIK), like LIDS and libsafe, plus the patched kernel). Very cool. Those additions would be extremely welcome. > My only "problem" right now is to figure out where to start... ;) I guess= I'll > have to, more or less, modify each and every one of the .ebuild files. Gads, I hope not! If you do need to modify all of the ebuilds, then we haven't done our jobs very well. As for where to start, I assume you've installed Gentoo once or twice to get a good feel for how it works?=20 Then I would start on building a minimal SuxOS system. You'll presumably need to modify the bootstrap.sh script to compile glibc with formatguard, create a SuxOS kernel ebuild that includes all of the necessary patches, and make a /usr/portage/profiles/SuxOS/packages file tailored to SuxOS needs. Come play on #gentoo on irc.openprojects.net; we'll be happy to help! -g2boojum- --=20 ___________________________________________________________________ | Grant Goodyear | The Secrets of Physics: | | Dept. of Chemistry - Clemson U |1. Add zero. | | Clemson, SC 29634 |2. Multiply by one. | |-------------------------------------|3. Expand in a Taylor series| |e-mail: goodyea@clemson.edu |4. Integrate by parts. | |www:g2.ces.clemson.edu/~grant |5. Fourier transform. | | |6. Add auxiliary variables | |_____________________________________|____________________________| =20 --=-Ng5cYckJiKIB8g+5t2Xo Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQA8Ow/TQHoSS57XL/QRAptyAKCY8q+a22O517N4dMClrmRDjI0apACdF8Ss a1IhGaZj5iVIceLaRgsPmWg= =MKoP -----END PGP SIGNATURE----- --=-Ng5cYckJiKIB8g+5t2Xo--