PureOS GrsecTag
ActivePublic

Members

  • This project does not have any members.

Watchers

  • This project does not have any watchers.
Description

Grsec support in PureOS.

Recent Activity

Jan 6 2018

todd reassigned T109: Thinking out of the box for systems security here :) What if we could increase security of PureOS by virtualizing it on top of the seL4/NOVA microkernel, either using CAmkES or as a Genode virtualization component? from todd to zlatan.todoric.

Should probably go to Zlatan, or maybe Kyle.

Jan 6 2018, 8:23 PM · PureOS Grsec, Restricted Project, Restricted Project

Aug 19 2017

zlatan.todoric closed T35: grsec: programmatically testing applications? as "Wontfix".

Removing grsec support from PureOS. More https://tracker.pureos.net/T37

Aug 19 2017, 7:16 PM · PureOS Grsec
zlatan.todoric closed T36: grsec: deluge, youtube-dl, python based network gui software failing to launch as "Wontfix".

Removing grsec support from PureOS. More https://tracker.pureos.net/T37

Aug 19 2017, 7:16 PM · PureOS Grsec
zlatan.todoric closed T38: grsec: disk formatting/partitioning may not work as "Wontfix".

Removing grsec support from PureOS. More https://tracker.pureos.net/T37

Aug 19 2017, 7:16 PM · PureOS Grsec
zlatan.todoric closed T41: grsec: gnome-tweak-tool as "Wontfix".

Removing grsec support from PureOS. More https://tracker.pureos.net/T37

Aug 19 2017, 7:15 PM · PureOS Grsec
zlatan.todoric closed T42: grsec: gnome-user-settings unavailable to unlock as "Wontfix".

Removing grsec support from PureOS. More https://tracker.pureos.net/T37

Aug 19 2017, 7:15 PM · PureOS Grsec
zlatan.todoric closed T47: grsec: thunderbird (replaced icedove) and now doesn't work with grsec as "Wontfix".

Removing grsec support from PureOS. More https://tracker.pureos.net/T37

Aug 19 2017, 7:15 PM · PureOS Grsec
zlatan.todoric closed T37: 4.7 vs 4.8-grsec mouse events ignored sometimes with multimedia in 4.7 work fine in 4.8-grsec as "Wontfix".

Due to all recent events, grsec will be impossible to support and we will actually actively remove it from our archive. We will gradually improve security, probably first step by enabling AppArmor by default. Closing all grsec related packages.

Aug 19 2017, 7:11 PM · PureOS Grsec
mak closed T33: grsec: Software fails to install from Gnome Software, but is able to from terminal as "Wontfix".

Closing, as we won't use grsec anymore.

Aug 19 2017, 4:53 PM · PureOS Grsec

Aug 11 2017

mak triaged T33: grsec: Software fails to install from Gnome Software, but is able to from terminal as "Low" priority.
Aug 11 2017, 11:02 PM · PureOS Grsec

Jun 23 2017

zlatan.todoric added a comment to T109: Thinking out of the box for systems security here :) What if we could increase security of PureOS by virtualizing it on top of the seL4/NOVA microkernel, either using CAmkES or as a Genode virtualization component?.

We do have some refurbished Librems (as I mentioned it already here) but to get it you need to show some work already. Feel free to ping me on IRC (zlatan on freenode) or mail me directly so we talk about it.

Jun 23 2017, 1:57 PM · PureOS Grsec, Restricted Project, Restricted Project
baconicsynergy added a comment to T109: Thinking out of the box for systems security here :) What if we could increase security of PureOS by virtualizing it on top of the seL4/NOVA microkernel, either using CAmkES or as a Genode virtualization component?.

If you have any smashed up, deformed, or otherwise defective librem laptops missing a battery and disk and have no chance of selling them, I wouldn't mind taking it off of your hands for me to do some experimental PureOS development! :)

Jun 23 2017, 12:42 AM · PureOS Grsec, Restricted Project, Restricted Project

Jun 12 2017

baconicsynergy added a comment to T109: Thinking out of the box for systems security here :) What if we could increase security of PureOS by virtualizing it on top of the seL4/NOVA microkernel, either using CAmkES or as a Genode virtualization component?.

This is all so exciting!

Jun 12 2017, 12:20 PM · PureOS Grsec, Restricted Project, Restricted Project
zlatan.todoric added a comment to T109: Thinking out of the box for systems security here :) What if we could increase security of PureOS by virtualizing it on top of the seL4/NOVA microkernel, either using CAmkES or as a Genode virtualization component?.

For the custom kernel - yes, I have for some time that in mind basically called on my TODO list as "PureOS kernel optimization" - the thing is that I wanted to have grsec enabled kernel by default before digging into that (as vanilla grsec is not meant for proper desktop usage) but now we faced the dawn of grsec so I am not sure yet how we will approach all that. If you have the skillset, I would gladly chat about it (I refurbished 6 Librem15v2 (prototypes and returns) which would end up maybe missing one components (such as disk or battery) but they are enough for development for future contributors to PureOS).

Jun 12 2017, 12:00 PM · PureOS Grsec, Restricted Project, Restricted Project
baconicsynergy added a comment to T109: Thinking out of the box for systems security here :) What if we could increase security of PureOS by virtualizing it on top of the seL4/NOVA microkernel, either using CAmkES or as a Genode virtualization component?.

And I absolutely love that PureOS is developed with the Librem hardware in mind primarily. The Librems are without a doubt the standard of freedom and quality. This makes them highly-secure, but is still low-assurance, undeniably.

Jun 12 2017, 11:32 AM · PureOS Grsec, Restricted Project, Restricted Project
baconicsynergy added a comment to T109: Thinking out of the box for systems security here :) What if we could increase security of PureOS by virtualizing it on top of the seL4/NOVA microkernel, either using CAmkES or as a Genode virtualization component?.

I feel you. For now, I will experiment with virtualizing PureOS with both sel4 and nova and see if interesting things develop nicely, and relay my results. Since all of the hardware is freed, device drivers will not be a problem for Genode to run perfectly on the Librem device (I wish I had the beefy cash to buy one :/).

Jun 12 2017, 11:15 AM · PureOS Grsec, Restricted Project, Restricted Project
zlatan.todoric added a comment to T109: Thinking out of the box for systems security here :) What if we could increase security of PureOS by virtualizing it on top of the seL4/NOVA microkernel, either using CAmkES or as a Genode virtualization component?.

While this could be something to think about, at this moment it is way off the charts. It is undeveloped/untested proposal which would require quite a bit effort to achieve and we are currently overwhelmed with work. Besides manpower/manhours we would need to check against all freedom components (is all free and possible and if not what would require to create free alternative) and how much would impact performance and user experience of the device and OS. PureOS welcomes contributions and proof-of-concept demos if someone does (if you have the skills, feel free to join the community).

Jun 12 2017, 10:29 AM · PureOS Grsec, Restricted Project, Restricted Project

Jun 4 2017

baconicsynergy created T109: Thinking out of the box for systems security here :) What if we could increase security of PureOS by virtualizing it on top of the seL4/NOVA microkernel, either using CAmkES or as a Genode virtualization component?.
Jun 4 2017, 9:16 PM · PureOS Grsec, Restricted Project, Restricted Project

Apr 6 2017

hema.prathaban added a comment to T36: grsec: deluge, youtube-dl, python based network gui software failing to launch.

this is not reproducible after apt-get update; apt-get upgrade

Apr 6 2017, 6:10 PM · PureOS Grsec
hema.prathaban added a comment to T41: grsec: gnome-tweak-tool.

this is not reproducible after apt-get update; apt-get upgrade

Apr 6 2017, 6:09 PM · PureOS Grsec
hema.prathaban added a comment to T47: grsec: thunderbird (replaced icedove) and now doesn't work with grsec.

please try setting the pax extended attributes

Apr 6 2017, 6:04 PM · PureOS Grsec
hema.prathaban claimed T38: grsec: disk formatting/partitioning may not work.
Apr 6 2017, 6:03 AM · PureOS Grsec
hema.prathaban added a comment to T41: grsec: gnome-tweak-tool.

I am not able to reproduce this issue on the latest beta.

Apr 6 2017, 5:30 AM · PureOS Grsec
hema.prathaban claimed T41: grsec: gnome-tweak-tool.
Apr 6 2017, 5:29 AM · PureOS Grsec

Apr 4 2017

hema.prathaban added a comment to T33: grsec: Software fails to install from Gnome Software, but is able to from terminal.

Todd, can you try adding your username to the following additional groups , this should solve the packagekit failing and will prompt for the authentication.

Apr 4 2017, 6:21 PM · PureOS Grsec

Apr 3 2017

todd created T47: grsec: thunderbird (replaced icedove) and now doesn't work with grsec.
Apr 3 2017, 8:54 PM · PureOS Grsec
todd added a comment to T33: grsec: Software fails to install from Gnome Software, but is able to from terminal.

OK, what configuration change do we need within PureOS to have this be the default?

Apr 3 2017, 6:53 PM · PureOS Grsec
hema.prathaban added a comment to T33: grsec: Software fails to install from Gnome Software, but is able to from terminal.

The following works
$ su -

  1. export DISPLAY=:1
  2. gnome-software
Apr 3 2017, 6:43 PM · PureOS Grsec

Mar 25 2017

zlatan.todoric updated subscribers of T38: grsec: disk formatting/partitioning may not work.
Mar 25 2017, 3:24 AM · PureOS Grsec
mak changed the visibility for PureOS Grsec.
Mar 25 2017, 3:10 AM

Mar 24 2017

todd created T42: grsec: gnome-user-settings unavailable to unlock.
Mar 24 2017, 8:44 PM · PureOS Grsec

Mar 23 2017

todd created T41: grsec: gnome-tweak-tool.
Mar 23 2017, 8:45 PM · PureOS Grsec

Mar 22 2017

todd created T38: grsec: disk formatting/partitioning may not work.
Mar 22 2017, 4:31 PM · PureOS Grsec
todd created T37: 4.7 vs 4.8-grsec mouse events ignored sometimes with multimedia in 4.7 work fine in 4.8-grsec.
Mar 22 2017, 2:20 PM · PureOS Grsec

Mar 20 2017

mak added a project to T33: grsec: Software fails to install from Gnome Software, but is able to from terminal: PureOS Grsec.
Mar 20 2017, 2:33 AM · PureOS Grsec
mak added a project to T35: grsec: programmatically testing applications?: PureOS Grsec.
Mar 20 2017, 2:33 AM · PureOS Grsec
mak added a project to T36: grsec: deluge, youtube-dl, python based network gui software failing to launch: PureOS Grsec.
Mar 20 2017, 2:33 AM · PureOS Grsec
mak created PureOS Grsec.
Mar 20 2017, 2:32 AM