where do I start when building a secure OS?

dragoraexpirafuego · 04-12-2015, 03:50 PM

I guess you'd need to have secure hardware, which is nearly impossible...
are there any legit options?

then what?? what do I code?

spiky0011 · 04-12-2015, 04:14 PM

Hi

Lfs version of hardened lfs here http://www.linuxfromscratch.org/hlfs/view/development/
is old out of date 2011. But might be worth looking at.
Gentoo do a hardened version here https://www.gentoo.org/downloads/

found this http://grsecurity.net/
Hope this helps.

veerain · 04-12-2015, 09:50 PM

With LFS you may use selinux, acls, capabilities, fpie, fpic, stack smashing protectors to increase security.

Jerasmussen · 08-24-2015, 11:06 PM

http://pax.grsecurity.net
http://hypervion.blogspot.com/2012/0...2-bit-x86.html
http://akari.osdn.jp/index.html.en

ReaperX7 · 08-25-2015, 01:55 AM

The first place you need to start is an evaluation of what you think your system will need, and how much security you can tolerate.

Drafting a security contingency plan is where you need to begin. Look at packages in stable releases as well. Look for patches that enhance security protocols, and those that boost compatibility with the system and applications.

Set up strong passwords and enforce their usage.

Hardening is a rather blanket term, but you don't technically need SELinux, AppArmor, etc. They are security minded, but the real work is going to be how much you are willing to dedicate to securing your system using common sense techniques first, and careful planning.

Jerasmussen · 08-25-2015, 10:39 AM

Very True:

All the software in the world can't protect you if the permissions are set incorrectly.

Regards
James Rasmussen