From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1LQ9uk-0003Qa-EN for garchives@archives.gentoo.org; Fri, 23 Jan 2009 00:28:50 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id DDAE0E069E; Fri, 23 Jan 2009 00:28:47 +0000 (UTC) Received: from virtual.dyc.edu (unknown [65.249.164.70]) by pigeon.gentoo.org (Postfix) with ESMTP id B9580E069E for ; Fri, 23 Jan 2009 00:28:47 +0000 (UTC) Received: from [192.168.3.133] (unknown [192.168.3.133]) by virtual.dyc.edu (Postfix) with ESMTP id 8D795120071 for ; Thu, 22 Jan 2009 19:28:46 -0500 (EST) Message-ID: <49790F3E.7070801@opensource.dyc.edu> Date: Thu, 22 Jan 2009 19:28:46 -0500 From: basile User-Agent: Thunderbird 2.0.0.19 (X11/20090105) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-hardened@lists.gentoo.org Reply-to: gentoo-hardened@lists.gentoo.org MIME-Version: 1.0 To: gentoo-hardened@lists.gentoo.org Subject: Re: [gentoo-hardened] Re: Tin Hat 20090119 released References: <49760B49.7020409@opensource.dyc.edu> <497762A4.7020305@gmail.com> In-Reply-To: <497762A4.7020305@gmail.com> X-Enigmail-Version: 0.95.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Archives-Salt: 83a9fc04-e314-4c31-bd04-c1cfdabae6a5 X-Archives-Hash: 560f7a29eb26c03a3a9925a58dcc8c6e -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi everyone, Let me respond to all in one email: 7v5w7go9ub0o wrote: > THANK YOU for taking the time to post this valuable information! > Thanks also for sharing your infectious energy with this mailing > list; it reinforces the importance of keeping hardened Gentoo > vital!! Hardened Gentoo is *very* important and I think the team would appreciate knowing where their work ends up: Besides being the basis of Tin Hat, it is also the basis of another project of ours (tor-ramdisk) which uses a uclibc (not glibc) based hardened gentoo environment to securely house a tor relay. Three of our production servers at D'Youville College are hardened gentoo (virtual.dyc.edu, moodle.dyc.edu and project.dyc.edu) as are a couple of internal servers. I use hardened gentoo when I teach my security course to demonstrate various hardening techniques. Clearly, we are heavily invested users. Yes, keep hardened Gentoo vital! Gordon Malm wrote: > I think Tin Hat is a cool project and they are more than welcome to > keep us > abreast of new releases, along with some short release notes. In fact, I am > glad they do. It is hardly spam. Thanks Tin Hat peeps and keep up > the good > work! > > Gordon Malm (gengor) Thanks Gordon. On another note, I am wondering if you and the other team members have any thoughts about PaX/Grsecurity possibly being dropped upstream. I hate to see harndened gentoo without it, but there may be no choice. RijilV wrote: > > On a side note, I think a stripped down version of tin hat linux would be > really cool - something around 300-400megs (so it could run very nice on a > system with a gig of ram). We were already discussing this for the reasons you mention. Anthony Basile, Ph.D. Chair of Information Technology D'Youville College Buffalo, NY 14201 USA -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkl5Dz0ACgkQl5yvQNBFVTVm9gCeM8/Zn32Lxb+LgTMQfJoJaOdj pRwAnRHIFB9JSFhsnV/oPNS15AdRLKFZ =jYHx -----END PGP SIGNATURE-----