@freemo I'm effectively the leader of Gentoo Hardening, a Matrix room which has been focused on security and privacy hardening Gentoo, using musl libc (not glibc), LLVM/Clang toolchain (not GCC), stripping codebases, even getting Chromium to run on musl and are now hardening it with Hexavalent patches. We have made huge progress in getting barely usable or broken musl packages working as daily driver packages.
These improvements have substantially decreased attack surface, allowed us to implement security features such as proper toolchain hardening and control-flow integrity, and have proper isolation of programs.
You can check my Git configuration files repo for the work I've personally done:
https://codeberg.org/inference/cfg/src/branch/dev/portage
@freemo @inference It's more exciting when configured for clusters. There's something fulfilling about using equipment to its true potential.