public inbox for gentoo-dev@lists.gentoo.org
From: Joachim Blaabjerg <styx@SuxOS.org>
To: gentoo-dev@gentoo.org
Subject: [gentoo-dev] Secure Gentoo
Date: 06 Mar 2002 18:43:28 +0100
Message-ID: <1015436636.30680.24.camel@elysium.suxos.org>

Hi again, people,

If you don't have any further ideas/thoughts/objections/whatever, I'll
finally start working on Secure Gentoo (or whatever the name is) now.
I've had a few time problems lately, so I'm sorry I haven't got started
earlier.

What I'm going to do:
* Make a profile with a small (minimal) set of apps, and slowly expand
it as I get more packages done/patched.
* Make a kernel patch, probably based on the Gentoo kernel, but with
GrSecurity, kerneli, a few netfilter patches etc.
* Patch packages with patches from the Owl GNU/*/Linux project (of which
I am lucky to be a currently idling developer), and make ACLs for each
app.

My original intent was to use LIDS, but I've somewhat changed my mind.
The ACL system in grsec has matured greatly lately, and I'm trying it
out as we speak. Have any of you got any experiences or thoughts on this
you want to share?

I've got a few questions, too:
Will the Gentoo kernel use Andrea Arcangeli's VM or Rik van Riel's (-aa
or rmap)?
How will this be done practically? I'm thinking in particular about the
freeze, and the proposed unstable branch.
How paranoid should it be? My first plan was to create ACLs for each and
every binary and deny almost everything else, but that might be too
paranoid for most people. What do you think? How about three security
levels (no ACLs, normal ACLs and very strict ACLs)?

Any other thoughts and ideas will be greatly appreciated :)

-- 
Joachim Blaabjerg
styx@SuxOS.org
www.SuxOS.org


