Simplicity is a form of art...

Gentoo Hardened progress meeting of march 2013

Another month has passed, so time for a new progress meeting...

Toolchain

GCC v4.7 has been unmasked, allowing a large set of users to test out the new GCC. It is also expected that GCC 4.8-rc1 will hit the tree next week. In the hardened-dev overlay, hardened support …

Uploading selinuxnode test VM

At the time of writing (but I'll delay the publication of this post a few hours), I'm uploading a new SELinux-enabled KVM guest image. This is not an update on the previous image though (it's a reinstalled system - after all, I use VMs for testing, so it makes sense to …

Working on a new selinuxnode VM

A long time ago, I made a SELinux enabled VM for people to play with, displaying a minimal Gentoo installation, including the hardening features it supports (PIE/PIC toolchain, grSecurity, PaX and SELinux). I'm currently trying to create a new one, which also includes IMA/EVM, but it looks like …

Transforming GuideXML to wiki

The Gentoo project has its own official wiki for some time now, and we are going to use it more and more in the next few months. For instance, in the last Gentoo Hardened meeting, we already discussed that most user-oriented documentation should be put on the wiki, and I've …

Gentoo Hardened goes onward (aka project meeting)

It's been a while again, so time for another Gentoo Hardened online progress meeting.

Toolchain

GCC 4.8 is on development stage 4, so the hardened patches will be worked on next week. Some help on it is needed to test the patches on ARM, PPC and MIPS though. For …

Listing files of (not) installed software

Everyone that has been using Gentoo for a while now knows about tools such as qlist that show you the list of files installed by an (installed) package, or qfile that allows you to find which package provided a particular file on your system.

One thing lacking is to be …