From: basile <basile@opensource.dyc.edu>
To: gentoo-hardened@lists.gentoo.org
Subject: Re: [gentoo-hardened] Re: Tin Hat 20090119 released
Date: Thu, 22 Jan 2009 19:28:46 -0500 [thread overview]
Message-ID: <49790F3E.7070801@opensource.dyc.edu> (raw)
In-Reply-To: <497762A4.7020305@gmail.com>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi everyone,
Let me respond to all in one email:
7v5w7go9ub0o wrote:
> THANK YOU for taking the time to post this valuable information!
> Thanks also for sharing your infectious energy with this mailing
> list; it reinforces the importance of keeping hardened Gentoo
> vital!!
Hardened Gentoo is *very* important and I think the team would appreciate
knowing where their work ends up: Besides being the basis of Tin Hat,
it is
also the basis of another project of ours (tor-ramdisk) which uses a
uclibc
(not glibc) based hardened gentoo environment to securely house a tor
relay.
Three of our production servers at D'Youville College are hardened gentoo
(virtual.dyc.edu, moodle.dyc.edu and project.dyc.edu) as are a couple of
internal servers. I use hardened gentoo when I teach my security course
to demonstrate various hardening techniques.
Clearly, we are heavily invested users. Yes, keep hardened Gentoo vital!
Gordon Malm wrote:
> I think Tin Hat is a cool project and they are more than welcome to
>
keep us
> abreast of new releases, along with some short release notes. In
fact, I am
> glad they do. It is hardly spam. Thanks Tin Hat peeps and keep up
>
the good
> work!
>
> Gordon Malm (gengor)
Thanks Gordon. On another note, I am wondering if you and the other
team members
have any thoughts about PaX/Grsecurity possibly being dropped
upstream. I hate
to see harndened gentoo without it, but there may be no choice.
RijilV wrote:
>
> On a side note, I think a stripped down version of tin hat linux
would be
> really cool - something around 300-400megs (so it could run very
nice on a
> system with a gig of ram).
We were already discussing this for the reasons you mention.
Anthony Basile, Ph.D.
Chair of Information Technology
D'Youville College
Buffalo, NY 14201
USA
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkl5Dz0ACgkQl5yvQNBFVTVm9gCeM8/Zn32Lxb+LgTMQfJoJaOdj
pRwAnRHIFB9JSFhsnV/oPNS15AdRLKFZ
=jYHx
-----END PGP SIGNATURE-----
next prev parent reply other threads:[~2009-01-23 0:28 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-01-20 17:35 [gentoo-hardened] Tin Hat 20090119 released basile
2009-01-21 5:21 ` Joseph Raymond
2009-01-21 6:21 ` Gordon Malm
2009-01-21 6:31 ` RijilV
2009-01-21 9:00 ` pageexec
2009-01-21 15:54 ` Javier J. Martínez Cabezón
2009-01-21 18:00 ` [gentoo-hardened] " 7v5w7go9ub0o
2009-01-23 0:28 ` basile [this message]
2009-01-23 0:50 ` Ned Ludd
2009-01-25 18:09 ` pageexec
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=49790F3E.7070801@opensource.dyc.edu \
--to=basile@opensource.dyc.edu \
--cc=gentoo-hardened@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox