From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <styx@SuxOS.org>
X-Spam-Checker-Version: SpamAssassin 4.0.0 (2022-12-14) on finch.gentoo.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.1 required=5.0 tests=DMARC_NONE,MAILING_LIST_MULTI,
	NICE_REPLY_A autolearn=unavailable autolearn_force=no version=4.0.0
Received: from mx0.dataguard.no (mx0.dataguard.no [212.62.224.13])
	by chiba.3jane.net (Postfix) with SMTP id 5476C25536
	for <gentoo-dev@gentoo.org>; Tue,  8 Jan 2002 07:26:54 -0600 (CST)
Received: (qmail 87026 invoked from network); 8 Jan 2002 13:27:15 -0000
Received: from unknown (HELO monster.dataguard.no) (212.62.224.2)
  by mx0.dataguard.no with SMTP; 8 Jan 2002 13:27:15 -0000
Received: (qmail 22568 invoked from network); 8 Jan 2002 13:27:12 -0000
Received: from unknown (HELO elysium.outsiders.net) (193.216.38.157)
  by hotel.dataguard.no with SMTP; 8 Jan 2002 13:27:12 -0000
Date: Tue, 8 Jan 2002 14:27:42 +0100
From: Joachim Blaabjerg <styx@SuxOS.org>
To: gentoo-dev@gentoo.org
Subject: Re: [gentoo-dev] Secure Gentoo - What do you think?
Message-Id: <20020108142742.38c480cb.styx@SuxOS.org>
In-Reply-To: <1010487111.773.2.camel@fluffy>
References: <20020107171359.45792cdb.styx@SuxOS.org>
	<1010487111.773.2.camel@fluffy>
Organization: www.SuxOS.org
X-Mailer: Sylpheed version 0.6.4 (GTK+ 1.2.10; i686-pc-linux-gnu)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: gentoo-dev-admin@gentoo.org
Errors-To: gentoo-dev-admin@gentoo.org
X-BeenThere: gentoo-dev@gentoo.org
X-Mailman-Version: 2.0.6
Precedence: bulk
Reply-To: gentoo-dev@gentoo.org
List-Help: <mailto:gentoo-dev-request@gentoo.org?subject=help>
List-Post: <mailto:gentoo-dev@gentoo.org>
List-Subscribe: <http://lists.gentoo.org/mailman/listinfo/gentoo-dev>,
	<mailto:gentoo-dev-request@gentoo.org?subject=subscribe>
List-Id: Developer discussion list <gentoo-dev.gentoo.org>
List-Unsubscribe: <http://lists.gentoo.org/mailman/listinfo/gentoo-dev>,
	<mailto:gentoo-dev-request@gentoo.org?subject=unsubscribe>
List-Archive: <http://lists.gentoo.org/pipermail/gentoo-dev/>
X-Archives-Salt: 7a6844ee-adcd-4d7f-a59b-fe1fc999aca6
X-Archives-Hash: 8a694ccaf7ba39a1cafa58f5391265db

Mikael Hallendal <hallski@gentoo.org> wrote:

> Will this work be done on Gentoo or are you planning to use portage
> SuxOS?

I was planning to use Gentoo as a base, kind of, and make "secure" Portage
packages (with safe defaults etc., plus a few packages that aren't made for
Gentoo yes (AFAIK), like LIDS and libsafe, plus the patched kernel).

> An interesting thought here would be to have some variable set in
> make.conf that if set only lets you install packages from a list of
> trusted apps/version. This would be a very flexible solution. Since it
> lets you have the exact same operating system on your workstation/server
> while having a really secure setup on your server.

Hmm... Sounds interesting!

> Let us know if you have any problems.

I will...

My only "problem" right now is to figure out where to start... ;) I guess I'll
have to, more or less, modify each and every one of the .ebuild files.

> Otherwise the only thing I have to say, welcome to the Gentoo community!

Thanks a lot! :)

-- 
Joachim Blaabjerg
styx@SuxOS.org
www.SuxOS.org