It's surprising to see how many people are moving to Gentoo Hardened musl and exclusively using LLVM toolchain due to my and a small amount of other people's work.

I didn't expect this to start a movement...

@inference
Id love a reason to go back to gentoo. What did you do?

@freemo I'm effectively the leader of Gentoo Hardening, a Matrix room which has been focused on security and privacy hardening Gentoo, using musl libc (not glibc), LLVM/Clang toolchain (not GCC), stripping codebases, even getting Chromium to run on musl and are now hardening it with Hexavalent patches. We have made huge progress in getting barely usable or broken musl packages working as daily driver packages.

These improvments have substantially decreased attack surface, allowed us to implement security features such as proper toolchain hardening and control-flow integrity, and have proper isolation of programs.

You can check my Git configuration files repo for the work I've personally done:
https://codeberg.org/inference/cfg/src/branch/dev/portage
Follow

@inference
Very cool. Ill give it a go. I do miss gentoo.

@freemo @inference It's more exciting when configured for clusters. There's something fulfilling about using equipment to its true potential.

Sign in to participate in the conversation
Qoto Mastodon

QOTO: Question Others to Teach Ourselves
An inclusive, Academic Freedom, instance
All cultures welcome.
Hate speech and harassment strictly forbidden.