[uClibc] Hardened-lfs using uClibc

Robert Connolly robert at linuxfromscratch.org
Mon Dec 6 03:11:34 UTC 2004


Hello. I would like to casually announce hardened-linuxfromscratch has 
recently decided to use uClibc in its toolchain. Key features so far include 
uClibc (optimized for speed not size), propolice stack guard, a pic/pie 
toolchain, PaX/Grsecurity kernel, and Frandom. The packages are otherwise the 
same as linuxfromscratch's base; gnu coreutils, man pages, robust development 
enviroment (no busybox). The build is native and bootstrapped, only the 
initial toolchain is cross compiled.

Hardened-lfs is a security oriented project currently in alpha stages. The 
first minor release, in text, is available here:
http://www.linuxfromscratch.org/hlfs/downloads/

Many improvements have already been added to the svn server. Snapshots and new 
releases will be available shortly, and conversion to xml/html is underway. 
All packages have instructions for dynamic linking. More critical packages, 
such as Bash and Coreutils, have optional instructions for static linking. 
The goal of the static linking option is to allow the machine to boot and 
allow root to login and repair the system in the event that ld.so, or 
libc.so, is missing or damaged. There are several issues needed to be worked 
out, like linking and testsuite bugs, but the finished system is usable. 
There are plans to have beyond-hardened-lfs hints and docs for packages like 
openssl, busybox, etc. Only the i386 platform is supported at this time. 
There is no date set for a stable release.

Svn repo is available here:
svn co svn://svn.linuxfromscratch.org/HLFS/trunk HLFS

There is a mailing list listed on the homepage here:
http://www.linuxfromscratch.org/hlfs/

Best regards
robert



More information about the uClibc mailing list