On Wed, 05 Dec 2012 06:57:55 -0500 "Anthony G. Basile" <[email protected]> wrote:
> > > > Is it possible to reduce compilation for hardened gentoo by using > > Sabayon and how close to hardened Gentoo could I get. > > Pretty close, and depending on what you want to do, probably good > enough. Sabayon has been adopting hardening of the toolchain and > binaries built with it --- I've given them some advise in this > regard. I don't think they've adopted hardened-sources on their > images, but its there in emerge and they've made noise in that > direction. > So when you say pretty close, do you mean only if you use emerge and hardened sources for everything and not Sabayons binary repos atleast for the time being? > Having said that, what's the compile issue? It should take just as > long to build the kernel on sabayon as gentoo, all else being the > same. I build a grecurity kernel for arch, sign it, deliver it to a few machines and update userland. I've found packages like parole, alsa instead of pulse, abiword, gnome mixer instead of xfce-mixer and opera (until recently) that work with a fully enabled grsecurity kernel purely to save time building as I have lots of uses for good machines, don't believe in build machines running browsers and wish to minimise time spent updating in any case. OTOH I've heard the major package builds have binaries on gentoo to save users time so maybe the rest of userland will be quite quick to build, I have been meaning to find out on a gentoo test machine. I guess the hardened firefox with JIT disabled isn't a pre-built? Sorry for not replying sooner and thanks for the input.
