From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (unknown [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id EDED11381FA for ; Mon, 26 May 2014 15:33:43 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 637DEE0818; Mon, 26 May 2014 15:33:38 +0000 (UTC) Received: from cdptpa-oedge-vip.email.rr.com (cdptpa-outbound-snat.email.rr.com [107.14.166.225]) by pigeon.gentoo.org (Postfix) with ESMTP id 501E5E080C for ; Mon, 26 May 2014 15:33:37 +0000 (UTC) Received: from [71.40.157.251] ([71.40.157.251:56304] helo=[192.168.2.52]) by cdptpa-oedge03 (envelope-from ) (ecelerity 3.5.0.35861 r(Momo-dev:tip)) with ESMTP id 00/BF-04269-0DE53835; Mon, 26 May 2014 15:33:36 +0000 Message-ID: <53835FD2.50007@tampabay.rr.com> Date: Mon, 26 May 2014 10:37:54 -0500 From: wireless User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.4.0 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 To: gentoo-user@lists.gentoo.org Subject: [gentoo-user] OT: idea Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-RR-Connecting-IP: 107.14.168.142:25 X-Cloudmark-Score: 0 X-Archives-Salt: fbb2fd45-b154-4621-b14b-3a23d9985f97 X-Archives-Hash: 6d63ad2e5aa75ecd7117de660586b759 I have been looking for a project to learn (figure out) how to build a secure portal on a gentoo-hardened server. I posting here so folks can look at the general approach I'm going to take, and make some better, corrective suggestions on this endeavor (learning excursion)? So here is the plane. Use the lilblue [1] or hardened-gentoo with glibc on top of btrfs and use virtual box to set up several application. This software is not multiuser. So I'm hoping to be able to allow one user to lock and use a single instance to post a enough entries to frame a problem of support question. I then want any number of folks to be able to "view" the posing and then use the discussion group to make suggestions as to the problem. Since there are many different (stable) version of gnucash, I'm going to try to first install several different versions of gnu cash so folks can post their problem on a version similar to what they have. The purpose of this excursion is to learn how to build a secure portal, to learn how to set up VMs on btrfs and to become consistently competent with gentoo-hardened. I'm going to attempt to set up 12 instances of various version of gnucash. [2] Maybe I should use antoher code in lieu of gnucash? Suggestions in hardened, security, web server etc etc are most welcome. Ultimately, my goal is to be able to take various codes and build a secure portal, with hundreds or thousands of sandboxed/jailed/VMed cell that are secure with differ codes and eventually even different OSes inside the cells on a gentoo-hardened platform. All comments are welcome. James [1] https://wiki.gentoo.org/wiki/Project:Hardened_uClibc/Lilblue [2] www.gnucash.org