<?xml version="1.0" encoding="UTF-8"?>
<?xml-stylesheet href="/xsl/project.xsl" type="text/xsl"?>
<?xml-stylesheet href="/xsl/guide.xsl" type="text/xsl"?>
<!DOCTYPE project SYSTEM "/dtd/project.dtd">
<project>
<name>hardened</name>
<longname>Hardened Gentoo</longname>
<date>2011-08-12</date>

<description>
Hardened Gentoo brings advanced security measures to Gentoo Linux.
</description>

<longdescription>
<p>
Hardened Gentoo is a project which oversees the research, implementation, and
maintenance of security-oriented projects for Gentoo Linux. We are a team of
very competent individuals dedicated to bringing advanced security to Gentoo
through a number of subprojects.
</p>

</longdescription>

<goals>
<p>
Hardened Gentoo's purpose is to make Gentoo viable for highly secure,
high-stability production server environments. This project is not a standalone
project separated from the rest of Gentoo. Instead, it is intended to be a team
of Gentoo developers who are focused on delivering solutions to Gentoo that
provide strong security and stability. These solutions will be available in
Gentoo once they've been tested for security and stability by the Hardened team.
</p>

</goals>

<dev role="Member" description="Bastille Lead">battousai</dev>
<dev role="Member" description="PaX/Grsecurity, Hardened sources">gengor</dev>
<dev role="Project Lead" description="Hardened Toolchain, Doc">Zorry</dev>
<dev role="Member" description="PaX/Grsecurity, Hardened sources">blueness</dev>
<dev role="Member" description="Hardened sources, Doc">quantumsummers</dev>
<dev role="Member" description="Hardened sources">Chainsaw</dev>
<dev role="Member" description="PPC arch team liaison">nixnut</dev>
<dev role="Member" description="SELinux">pebenito</dev>
<dev role="Member" description="SELinux">SwifT</dev>

<!-- In the future we could use inheritmembers="yes"  but we need pages for all
or most of the subprojects -->
<subproject ref="/proj/en/hardened/selinux/index.xml" inheritresources="yes"/>
<!-- RSBAC is no longer with us :(
<subproject ref="/proj/en/hardened/rsbac/index.xml" inheritresources="yes" />
-->
<extraproject name="PaX/Grsecurity" lead="blueness">
Grsecurity is a complete security solution providing such features as a MAC or
RBAC system, chroot restrictions, address space modification protection (via
PaX), auditing features, randomization features, linking restrictions to prevent
file race conditions, IPC protections and much more.
</extraproject>

<extraproject name="Hardened Toolchain" lead="Zorry">
Transparent implementation of
<uri link="http://pax.grsecurity.net/docs/aslr.txt">PaX</uri> address space
layout randomization and stack smashing protection, using ELF shared objects as
executables.
</extraproject>

<extraproject name="Hardened Kernel Sources" lead="blueness">
A kernel which provides patches for hardened subprojects, and stability/security
oriented patches. Includes Grsecurity and SELinux.
</extraproject>

<extraproject name="Bastille" lead="battousai">
Bastille is an interactive application which gives the user suggestions on
securing their machine. It will be customized to make suggestions about other
Hardened Gentoo subprojects.
</extraproject>

<!-- Still reviewing it.
<plannedproject name="Security Documentation">Maintain
documentation about best practices, and general security measures
such as process limiting, setting quotas, securing systems with
kerberos, chrooting, tightening services, etc.</plannedproject>
-->

<resource link="/proj/en/hardened/primer.xml">
Introduction to Hardened Gentoo
</resource>
<resource link="/proj/en/hardened/hardenedfaq.xml">
Hardened Frequently Asked Questions
</resource>
<resource link="/proj/en/hardened/roadmap.xml">
Hardened Roadmap
</resource>
<resource link="/proj/en/hardened/hardened-debugging.xml">Hardened Debugging
</resource>
<resource link="/proj/en/hardened/hardenedxorg.xml">
Using Xorg with Hardened
</resource>
<resource link="/proj/en/hardened/hardened-toolchain.xml">
Hardened Toolchain Technical Description
</resource>
<resource link="/proj/en/hardened/pax-quickstart.xml">
A quickstart covering PaX and Hardened Gentoo
</resource>
<resource link="/proj/en/hardened/pax-utils.xml">
PaX Utils
</resource>
<resource link="/proj/en/hardened/grsecurity.xml">
Grsecurity2 QuickStart Guide
</resource>
<resource link="/proj/en/hardened/grsec-tpe.xml">
Grsecurity TPE Guide
</resource>
<resource link="/proj/en/hardened/capabilities.xml">
Capabilities Listing
</resource>
<resource link="/proj/en/hardened/pic-guide.xml">
PIC Intro (beginner)
</resource>
<resource link="/proj/en/hardened/pic-internals.xml">
PIC Internals (intermediate)
</resource>
<resource link="/proj/en/hardened/pic-fix-guide.xml">
PIC Fixing (advanced)
</resource>
<resource link="/proj/en/hardened/gnu-stack.xml">
GNU Stack Quickstart
</resource>

<herd name="hardened" />
<herd name="hardened-kernel" />
<herd name="selinux" />

<extrachapter position="devs">
<title>Contributors</title>
<section>
<body>

<p>
The following people, although not developers, are actively contributing to the
project:
</p>
<table>
<tr><th>Contributor</th><th>Nickname</th><th>Role</th></tr>
<tr><ti>Francisco Blas Izquierdo Riera</ti><ti>klondike</ti>
<ti>Documentation writing, support</ti></tr>
<tr><ti>Chris Richards</ti><ti>gizmo</ti>
<ti>Policy development, support (SELinux)</ti></tr>
</table>

</body>
</section>
</extrachapter>

<extrachapter position="bottom">
<title>I Want to Participate</title>
<section>
<body>

<p>
To participate in the Hardened Gentoo project, first join the mailing list at
<mail link="gentoo-hardened@lists.gentoo.org">
gentoo-hardened@lists.gentoo.org</mail>. Next, ask if there are plans to
support something that you are interested in, propose a new subproject that you
are interested in, choose one of the planned subprojects to work on or simply
ask if you can help with something. You can also talk to the developers and
users in the IRC channel <c>#gentoo-hardened</c> on <c>irc.freenode.net</c> for
more information or just to chat about the project or any subprojects.
</p>

<p>
If you think you don't have the knowledge or abilities to help, then try reading
the current documents (there are always sections that can be improved or typos
which we miss) and, when you feel brave enough, try writing the documents you
found missing. Usually this only requires some internet research on your part,
and after a few documents you'll most probably be able to help with other things
you thought you couldn't help with before.
</p>

<p>
Also, if you don't have time to actively help by contributing work, we will
always need testers to maintain the security and stability of the overall
product. All development, testing, and productive comments and feedback will be
greatly appreciated.
</p>

</body>
</section>
</extrachapter>
</project>