Wiki-valley-lg-cyan 200px.png Did you know a wiki could be used internally in your company ? For better knowledge management and internal communication. Less email and office files. 30 days free trial. (Ad)

Welcome to EverybodyWiki ! Nuvola apps kgpg.png Sign in or create an account to improve, watchlist or create an article like a company page or a bio (yours ?)...

Hardened Gentoo

From EverybodyWiki Bios & Wiki
Jump to navigation Jump to search

Hardened Gentoo is a project of Gentoo Linux that is enhancing the distribution with security addons, making it a Security-focused operating system. Current security enhancements to Gentoo Linux can be:

  • SELinux
    • A system of mandatory access controls. SELinux can enforce the security policy over all processes and objects in the system, and is an optional feature in all 2.6 kernel source packages.
    • A mandatory access control security system based on Generalized Framework for Access Control (GFAC). It provides several standard and custom (and mixables) access control models. It can enforce operating system access rules.
  • PaX/grsecurity
    • grsecurity is a complete security solution providing such features as a MAC or RBAC system, chroot restrictions, address space modification protection (via PaX), auditing features, randomization features, linking restrictions to prevent file race conditions, ipc protections and much more.
  • Hardened Toolchain
    • Transparent implementation of PaX address space layout randomizations and stack smashing protections using ELF shared objects as executables.
  • sys-kernel/hardened-sources
    • A kernel source package which includes patches for hardened subprojects, and stability/security-oriented patches, including grsecurity.
  • Bastille Linux
    • Bastille Linux is an interactive application which gives the user suggestions on securing their machine. It will be customized to make suggestions about other Hardened Gentoo subprojects.

The Mandatory Access Control (MAC) parts of SELinux, RSBAC and grsecurities RBAC are usually incompatible to each other. However, the chroot and network restrictions of grsecurity and the memory protection of PaX (included in the grsecurity patch for the Linux Kernel) are completely independent features and not incompatible with MAC systems.

See also[edit]

Others articles of the Topic Free software : VirtualMetric, Desktop cloud, DHTMLX, wpkg, KGet, Tinyproxy, NewPipe
Some use of "" in your query was not closed by a matching "".Some use of "" in your query was not closed by a matching "".

  • Security-focused operating system
  • Comparison of Linux distributions

External links[edit]

This article "Hardened Gentoo" is from Wikipedia. The list of its authors can be seen in its historical and/or the page Edithistory:Hardened Gentoo. Articles copied from Draft Namespace on Wikipedia could be seen on the Draft Namespace of Wikipedia and not main one.

Compte Twitter EverybodyWiki Follow us on !

Farm-Fresh comment add.png You have to Sign in or create an account to comment this article !