Next, ask if there are plans to support something that you are interested in, propose a new subproject that you are interested in, choose one of the planned subprojects to work on or simply ask if you can help with something.
You can also talk to the developers and users in the gentoo-hardened IRC channel on Libera.Chat for more information, or just to chat about the project or any subprojects. If you think you don't have the knowledge or abilities to help, then try reading the current documents; there are always sections that can be improved or typos which we miss. When you feel brave enough, try writing the documents you found missing.
Usually this only requires some internet research on your side, and after some documents you'll most probably be able to help with other things you thought you weren't able to help with before. Also, if you don't have time to actively help by contributing work, we will always need testers to maintain the security and stability of the overall product.
All development, testing, and productive comments and feedback will be greatly appreciated.
Project:Hardened (from Gentoo Wiki)
Description: Hardened Gentoo is a project which oversees the research, implementation, and maintenance of security-oriented projects for Gentoo Linux.
Project email hardened gentoo.
Hardened Gentoo is not a product or solution in itself; it is merely a project with a group of developers all working toward the same goal of very proactive security. The sub-projects contained in Hardened Gentoo are related only in that they are hosted within the same project. You might think of it in the same way that KDE and GNOME are both part of the desktop project and both have a common goal, but are otherwise unrelated to each other.
At the heart of the project is PaX. PaX is a kernel patch that allows systems to be protected against buffer and heap overflows and similar attacks. PaX is the first line of defense in hardening a system. Because of poorly written software, systems are frequently at risk of compromise because of buffer and heap overflows. Buffer and heap overflows are the result of unchecked bounds in user input in applications.
When an attacker has the ability to give input to an application that is inserted into memory but not checked, there exists the possibility of an overflow. The end result of a buffer overflow is an overrun of adjacent executable code allowing arbitrary modifications to memory. This would normally cause the application to crash if the user input is not understood by the machine.
This generally manifests itself as a page fault because the characters that overrun the buffer into the executable area will be treated as an address which probably will not exist.
This is the most benign result of an overrun. If the attacker knows about an overrun in a particular software set, they will have the opportunity to add shellcode to the input and rather than causing the application to crash it will instead execute the instructions they have provided.
This is because shellcode is how instructions are stored in memory for execution by the processor. Basically, shellcode consists of 'opcodes' which translate to assembly routines. An attacker knows these opcodes very well and can create shellcode which allows them to do anything they desire, such as run a root shell and bind it to a port. When this happens, the user will not be aware that any kind of malicious activity has occurred because the application does not crash; instead it starts executing the attacker's arbitrary code, allowing them to do anything they please.
PaX mitigates the buffer overflow problem by randomly placing each function and buffer in an application in memory. With random offsets for functions and buffers, the attacker is unable to craft an input which is guaranteed to execute the shellcode. Exploitation becomes very difficult, since the application will probably crash and be restarted with new random offsets.
ASLR is most useful when used with PIE (position-independent executable) code but also works with standard executable code, at the cost of overhead. PaX also offers the ability for executable segments to be executable and not writable, and likewise writable segments to be writable and not executable.
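A defender-side check of the two properties just described (position independence, and no segment that is both writable and executable), as an added example that is not part of the original page. The function names are hypothetical and the two ELF64 images are constructed test data containing only headers.

```python
import struct

ET_EXEC, ET_DYN = 2, 3                    # e_type values from the ELF spec
PT_LOAD, PT_GNU_STACK = 1, 0x6474E551     # p_type values
PF_X, PF_W, PF_R = 1, 2, 4                # p_flags bits

def audit_elf64(data: bytes) -> dict:
    """Report position independence and W^X status of a little-endian ELF64 image."""
    if len(data) < 64 or data[:4] != b"\x7fELF" or data[4] != 2 or data[5] != 1:
        raise ValueError("not a little-endian ELF64 file")
    (e_type,) = struct.unpack_from("<H", data, 16)
    (e_phoff,) = struct.unpack_from("<Q", data, 32)
    e_phentsize, e_phnum = struct.unpack_from("<HH", data, 54)
    wx_segments, exec_stack = [], None    # None: no PT_GNU_STACK header present
    for i in range(e_phnum):
        off = e_phoff + i * e_phentsize
        if off + 56 > len(data):
            raise ValueError("program header table is truncated")
        p_type, p_flags = struct.unpack_from("<II", data, off)
        (p_vaddr,) = struct.unpack_from("<Q", data, off + 16)
        if p_type == PT_LOAD and p_flags & PF_W and p_flags & PF_X:
            wx_segments.append(p_vaddr)   # loadable segment violating W^X
        elif p_type == PT_GNU_STACK:
            exec_stack = bool(p_flags & PF_X)
    # ET_DYN covers PIE executables and shared objects; ET_EXEC loads at a fixed address.
    return {"pie": e_type == ET_DYN, "wx_segments": wx_segments, "exec_stack": exec_stack}

def build_sample(e_type: int, segments: list) -> bytes:
    """Constructed test image: an ELF64 header followed by program headers only."""
    ident = b"\x7fELF" + bytes([2, 1, 1]) + bytes(9)
    ehdr = ident + struct.pack("<HHIQQQIHHHHHH", e_type, 62, 1, 0, 64, 0, 0,
                               64, 56, len(segments), 0, 0, 0)
    phdrs = b"".join(struct.pack("<IIQQQQQQ", t, f, 0, va, va, 0, 0, 0x1000)
                     for t, f, va in segments)
    return ehdr + phdrs

# Constructed samples: a PIE image with separate R+X / R+W segments, and a
# fixed-address image with one RWX segment and an executable stack.
HARDENED = build_sample(ET_DYN, [(PT_LOAD, PF_R | PF_X, 0x0),
                                 (PT_LOAD, PF_R | PF_W, 0x2000),
                                 (PT_GNU_STACK, PF_R | PF_W, 0)])
LEGACY = build_sample(ET_EXEC, [(PT_LOAD, PF_R | PF_W | PF_X, 0x400000),
                                (PT_GNU_STACK, PF_R | PF_W | PF_X, 0)])

if __name__ == "__main__":
    for name, image in (("hardened", HARDENED), ("legacy", LEGACY)):
        print(name, audit_elf64(image))
```

To audit a real binary, pass the bytes read from the file to `audit_elf64`.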
But is it worth the compile? A big question among the Linux forums. Let's look at Gentoo hardened profile in terms of security: while it adds some security it's so little that it's not worth it in most cases. But what makes it hardened? PaX does this by using ASLR (address space layout randomization), which uses random memory locations in memory. Each shellcode must use an address to jump to embedded in it in order to gain code execution and, because the address of the buffer in memory is randomized, this is much harder to achieve.
In order to use PaX, we have to use a PaX-enabled kernel, such as hardened-sources. This is also the address that is added to the RVAs in order to calculate the address of the functions inside the executable.
If the executable is compiled with PIE support, it can be loaded anywhere in memory, while it must be loaded at a fixed address if compiled with no PIE support. Such sections are. SSP (stack-smashing protector) is used in user-mode; it protects against stack overflows by placing a canary on the stack. When an attacker wants to overflow the return EIP address on the stack, he must also overflow the randomly chosen canary.
When that happens, the system can detect that the canary has been overwritten, in which case the application is terminated, thus not allowing an attacker to jump to an arbitrary location in memory and execute code from there. By default, the creator of a file has total control over the file, while the RBAC forces the root user to have control of the file, regardless of who created it. Therefore all users on the system must follow the RBAC rules set by the administrator of the system.
Access control systems include the following:
SELinux (security-enhanced Linux)
AppArmor (application armor)
Grsecurity, which contains various patches that can be applied to the kernel to increase the security of a whole system. If we would like to enable grsecurity in the kernel, we must use a grsecurity-enabled kernel, which is hardened-sources.
RSBAC (rule set-based access control): We must use rsbac-sources kernel to build a kernel with rsbac support.
Okay, thank you for the clarification of all these security enforcement technologies. So if I understand your point, these items are very useful to improve security of a system; but you ask "is it worth it the compile?" So, why are they not enabled by default in some major distros? I read that PaX on a desktop may break some binaries (heard of Java or Firefox); is it the only reason?
The reason PaX and grsecurity are not the default on many distros is due to politics and egos. The developers of both of those have personalities that clash strongly with the Linux kernel dev team. In addition to that, they do not wish to take the time to break up their patch into chunks that would be accepted into upstream, and instead use their time to develop more security features.
Also note that grsecurity is not an access control system.