Thanks for the feedback. We appreciate your review of our approach.

On Tue, Mar 13, 2012 at 1:19 PM, Anthony G. Basile wrote:
> 1) glibc needs to be compiled with USE=hardened to apply some necessary
> patches, and it needs to be compiled with a hardened compiler to get
> -D_FORTIFY_SOURCES=2. So the toolchain (gcc/glibc/binutils) must be
> compiled and then recompiled with USE=hardened.

Right, sorry I wasn't clear about that. Hardening the toolchain (gcc/glibc/binutils) should be a single step.

> 2) If the entire system is not compiled hardened, then the system libraries
> will lack the security from hardening. Why bother then with hardening at
> all?

This is a very important question that is still unclear for me. My premise is that we can achieve a worthwhile increase in security by selectively hardening Sabayon (hardened toolchain, hardened suid binaries, on a standard kernel). From here, we will be in a position to selectively harden other categories of packages (such as @system, LAMP, etc.). Desktop (such as full Gnome and KDE) and Multimedia will probably be last (and may be a ways down the road).

I have a supporting premise that, eventually, nearly all packages will support being built hardened. If these premises are incorrect, then this approach to hardening may not be worthwhile.

And, again, I appreciate the feedback of the people who have spent much more time working with hardening.
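The disagreement above is about whether a partially hardened system actually delivers hardened system libraries and suid binaries, which is something that can be measured per binary rather than argued. The script below is an added example, not code from this thread, from Sabayon or from Gentoo Hardened: it reads ELF64 headers directly with only the Python standard library and reports the link-time hardening the dynamic loader sees (PIE, RELRO, BIND_NOW, non-executable stack). The function names `check_hardening`, `check_file` and `build_elf` are my own, and the ELF images it checks in `__main__` are constructed in the script itself; stack-protector and FORTIFY_SOURCE leave symbol-level traces (`__stack_chk_fail`, `__*_chk`) that this header-only check does not cover, so use `scanelf` from pax-utils or `readelf -s` for those.

```python
"""Report link-time hardening of ELF64 little-endian binaries (PIE, RELRO,
BIND_NOW, NX stack). Added example; stdlib only. Stack protector and
FORTIFY_SOURCE are symbol-level and are deliberately out of scope here."""
import struct

ET_EXEC, ET_DYN = 2, 3
PT_DYNAMIC, PT_GNU_STACK, PT_GNU_RELRO = 2, 0x6474E551, 0x6474E552
PF_X, PF_W, PF_R = 1, 2, 4
DT_NULL, DT_BIND_NOW, DT_FLAGS, DT_FLAGS_1 = 0, 24, 30, 0x6FFFFFFB
DF_BIND_NOW, DF_1_NOW = 0x8, 0x1

EHDR = struct.Struct("<16sHHIQQQIHHHHHH")  # 64-byte ELF64 header
PHDR = struct.Struct("<IIQQQQQQ")         # 56-byte program header
DYN = struct.Struct("<qQ")                # 16-byte dynamic entry


def check_hardening(data):
    """Return a dict of hardening flags for an in-memory ELF64 LE image."""
    if data[:4] != b"\x7fELF" or data[4] != 2 or data[5] != 1:
        raise ValueError("not a little-endian ELF64 image")
    hdr = EHDR.unpack_from(data, 0)
    e_type, e_phoff, e_phnum = hdr[1], hdr[5], hdr[10]
    result = {"pie": e_type == ET_DYN, "relro": False,
              "bind_now": False, "nx_stack": False}
    dynamic = None
    for i in range(e_phnum):
        p_type, p_flags, p_offset, _, _, p_filesz, _, _ = PHDR.unpack_from(
            data, e_phoff + i * PHDR.size)
        if p_type == PT_GNU_RELRO:
            result["relro"] = True
        elif p_type == PT_GNU_STACK:
            # A missing PT_GNU_STACK means an executable stack on Linux,
            # so nx_stack stays False unless the segment is present and !X.
            result["nx_stack"] = not (p_flags & PF_X)
        elif p_type == PT_DYNAMIC:
            dynamic = (p_offset, p_filesz)
    if dynamic:
        off, size = dynamic
        for j in range(size // DYN.size):
            tag, val = DYN.unpack_from(data, off + j * DYN.size)
            if tag == DT_NULL:
                break
            if (tag == DT_BIND_NOW or (tag == DT_FLAGS and val & DF_BIND_NOW)
                    or (tag == DT_FLAGS_1 and val & DF_1_NOW)):
                result["bind_now"] = True
    # "Full RELRO" (GOT made read-only before main) needs both pieces.
    result["full_relro"] = result["relro"] and result["bind_now"]
    return result


def check_file(path):
    """Check a binary on disk, e.g. /bin/su or /usr/lib64/libc.so.6."""
    with open(path, "rb") as f:
        return check_hardening(f.read())


def build_elf(pie=True, relro=True, bind_now=True, nx_stack=True):
    """Constructed sample: a minimal, code-free ELF64 image with the
    requested flags, used only to exercise check_hardening() offline."""
    dyn = (DYN.pack(DT_FLAGS, DF_BIND_NOW) if bind_now else b"") \
        + DYN.pack(DT_NULL, 0)
    phdrs = [(PT_DYNAMIC, PF_R | PF_W),
             (PT_GNU_STACK, PF_R | PF_W | (0 if nx_stack else PF_X))]
    if relro:
        phdrs.append((PT_GNU_RELRO, PF_R))
    e_phoff = EHDR.size
    dyn_off = e_phoff + len(phdrs) * PHDR.size
    body = b""
    for p_type, p_flags in phdrs:
        off, size = (dyn_off, len(dyn)) if p_type == PT_DYNAMIC else (0, 0)
        body += PHDR.pack(p_type, p_flags, off, off, off, size, size, 8)
    ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + bytes(8)
    header = EHDR.pack(ident, ET_DYN if pie else ET_EXEC, 0x3E, 1, 0,
                       e_phoff, 0, 0, EHDR.size, PHDR.size, len(phdrs),
                       0, 0, 0)
    return header + body + dyn


if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        print(path, check_file(path))
    print("hardened sample  :", check_hardening(build_elf()))
    print("unhardened sample:", check_hardening(
        build_elf(pie=False, relro=False, bind_now=False, nx_stack=False)))
```

Run it as `python3 check_elf.py /bin/su /usr/lib64/libc.so.6` on a box built the way the thread proposes: suid binaries from the hardened toolchain should report `pie`, `full_relro` and `nx_stack` all true, and a library built without USE=hardened will typically show the gap Anthony's second point is about.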
