Date: Tue, 19 Jan 2016 02:41:45 +0000 (UTC) From: Benjamin Kaduk <bjk@FreeBSD.org> To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r48064 - head/en_US.ISO8859-1/htdocs/news/status Message-ID: <201601190241.u0J2fjk0004557@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: bjk Date: Tue Jan 19 02:41:44 2016 New Revision: 48064 URL: https://svnweb.freebsd.org/changeset/doc/48064 Log: Add HardenedBSD entry from Shawn Webb Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2015-10-2015-12.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2015-10-2015-12.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2015-10-2015-12.xml Tue Jan 19 02:28:43 2016 (r48063) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2015-10-2015-12.xml Tue Jan 19 02:41:44 2016 (r48064) @@ -4282,4 +4282,89 @@ </task> </help> </project> + + <project cat='misc'> + <title>HardenedBSD</title> + + <contact> + <person> + <name> + <given>Shawn</given> + <common>Webb</common> + </name> + <email>shawn.webb@hardenedbsd.org</email> + </person> + + <person> + <name> + <given>Oliver</given> + <common>Pinter</common> + </name> + <email>oliver.pinter@hardenedbsd.org</email> + </person> + </contact> + + <links> + <url href="https://hardenedbsd.org/" /> + <url href="https://hardenedbsd.org/article/shawn-webb/2015-12-31/introducing-hardenedbsds-new-binary-updater">Introducing HardenedBSD's New Binary Updater</url> + <url href="https://hardenedbsd.org/article/shawn-webb/2015-11-22/introducing-secadm-030-beta-01"><tt>secadm</tt>; Beta Published</url> + <url href="https://hardenedbsd.org/article/admin/2015-11-22/new-package-building-server">New Package Building Server</url> + <url href="https://github.com/HardenedBSD/secadm"><tt>secadm</tt></url>; + <url href="https://github.com/HardenedBSD/hardenedBSD-playground/tree/hardened/experimental/master-i915">HardenedBSD Haswell Support</url> + <url href="http://jenkins.hardenedbsd.org/builds/HardenedBSD-CURRENT-i915kms-amd64-LATEST/">Nightly Builds for HardenedBSD Haswell Support</url> + </links> + + <body> + <p>HardenedBSD has been hard at work improving the + performance and stability of our security enhancements. Security + flags are now per-thread instead of per-process, removing some + locking overhead. ASLR for mmap(MAP_32BIT) requests has been + refactored, but lib32 is now disabled by default.</p> + + <p>We've developed a new binary update utility, + <tt>hbsd-update</tt> akin to <tt>freebsd-update</tt>. + In addition to normal OS installs, it can also update + jails and ZFS Boot Environments (ZFS BEs). Updates are + signed using X.509 certificates.</p> + + <p><tt>secadm</tt> 0.3-beta has landed. It has been + rewritten from scratch in order to be more efficient. As part of + the rewrite, the rule syntax has changed and users must update + their rulesets as described in the README.</p> + + <p>Thanks to generous donations of a server from G2, Inc and + hosting from Automated Tendencies, we can now do full + package builds in just 35 hours, down from 75 hours. + This machine will also provide weekly binary updates for + the kernel and base system.</p> + + <p>Owing partly to the needs of the developers, we have + an experimental branch that includes the work + &a.dumbbell; has underway for Haswell graphics support, + on top of &os; 11-current. Binary updates are also + provided for this branch.</p> + + <p>Unfortunately, in order to focus our efforts on improving + HardenedBSD, we have had to pull back from submitting our ASLR + patches to &os;. The past two years' efforts to address comments + on the submission have taken their toll, and the effort is no + longer sustainable. We are proud to be based on &os; and believe + that the whole community could benefit from the security + technologies we are developing. We hope that someone else will + be able to step forward and finish off the task of integrating + ASLR into &os;.</p> + </body> + + <sponsor> + Automated Tendencies + </sponsor> + + <sponsor> + G2, Inc + </sponsor> + + <sponsor> + SoldierX + </sponsor> + </project> </report>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201601190241.u0J2fjk0004557>