Some of the Gentoo goodness I'm involved in can be found here. Mostly I use this page to find stuff quickly; however, feel free to use any of it yourself.


The hardened-sources are a patchset applied to the gentoo-sources to provide GRSEC/PaX hardening.

The openrc project aims to revamp Gentoo's init script system.

The SELinux Project aims to bring Security Enhanced Linux to Gentoo.

elfix is a suite of tools to work with ELF binaries and libraries on Hardened Gentoo.

webapp-config simplifies the installation of LAMP applications in virtual hosting systems.

Lemote Yeeloong Gentoo Desktop: Out-of-the-box desktop (stage4) for the Lemote Yeeloong netbook

eudev: A fork of systemd with the aim of isolating udev from any particular flavor of system initialization.

Hardened uClibc: Porting the hardened toolchain to uClibc systems. And Lilblue: A security-enhanced, fully featured XFCE4, amd64 Gentoo desktop, built on uClibc.

My Blogs

Planet Gentoo


Here are the packages I directly maintain:

net-analyzer/2ping [p] [b] [h] [d] A bi-directional ping utility

sys-apps/agedu [p] [b] [h] [d] A Unix utility for tracking down wasted disk space

x11-libs/amd-adl-sdk [p] [b] [h] [d] API to access display driver functionality for ATI graphics cards

net-misc/arm [p] [b] [h] [d] A monitoring system for tor

net-dns/avahi [p] [b] [h] [d] System which facilitates service discovery on a local network

net-libs/axTLS [p] [b] [h] [d] Configurable client/server TLSv1 SSL library, and small HTTP/HTTPS server, for embedded systems

dev-lang/bashforth [p] [b] [h] [d] String-threaded Forth interpreter in Bash

net-misc/bfgminer [p] [b] [h] [d] Modular Bitcoin CPU/GPU/FPGA miner in C.

net-p2p/bitcoind [p] [b] [h] [d] [r] Bitcoin digital currency daemon

net-p2p/bitcoin-qt [p] [b] [h] [d] [r] Bitcoin digital currency QT4 client

net-p2p/bitflu [p] [b] [h] [d] A BitTorrent client written in Perl and designed to run as a daemon

net-dns/c-ares [p] [b] [h] [d] C library that performs DNS requests and name resolves asynchronously.

net-misc/cgminer [p] [b] [h] [d] Bitcoin CPU/GPU/FPGA miner in C.

www-servers/cherokee [p] [b] [h] [d] [r] An extremely fast and tiny web server.

dev-util/comparator [p] [b] [h] [d] Utility for making fast comparisons among large source trees

net-p2p/datacoin-hp [p] [b] [h] [r] High-performance version of datacoin (primecoin-hp fork).

sys-devel/ct-ng [p] [b] [h] [d] A tool to build cross-compiling toolchains.

net-misc/curl [p] [b] [h] [d] curl is a command line tool for transferring data with URL syntax.

net-libs/cyassl [p] [b] [h] [d] [d] [r] Lightweight SSL/TLS library targeted at embedded and RTOS environments

dev-python/ecdsa [p] [b] [h] [d] [r] ECDSA cryptographic signature library in pure Python

net-misc/electrum [p] [b] [h] [d] [r] User friendly Bitcoin client

sys-apps/elfix [p] [b] [h] [r] Tools to work with ELF binaries and libraries on Hardened Gentoo.

dev-util/elfkickers [p] [b] [h] [d] A collection of programs that manipulate ELF files.

dev-util/elfsh [p] [b] [h] [d] An interactive and scriptable ELF machine to play with executable files, shared libraries and relocatable ELF32 objects.

sys-fs/encfs [p] [b] [h] [d] An implementation of encrypted filesystem in user-space using FUSE

sys-fs/f2fs-tools [p] [b] [h/r] [d] An implementation of encrypted filesystem in user-space using FUSE

www-apps/gallery [p] [b] [h] [d] Web based (PHP Script) photo album viewer/creator

dev-util/gperf [p] [b] [h] [d] GNU gperf is a perfect hash function generator

sys-apps/gradm [p] [b] Administrative interface for the GRSEC RBAC = Role Based Access Control system.

sys-kernel/hardened-sources [p] [b] [B] GRSEC/PaX hardened kernel sources

app-doc/halibut [p] [b] [h] [d] Yet another free document preparation system

sys-apps/haveged [p] [b] [h] [d] A simple entropy daemon using the HAVEGE algorithm

dev-libs/hidapi [p] [b] [h] [d] [r] Multi-Platform library for communication with HID devices.

net-firewall/ipsec-tools [p] [b] [h] [d] A port of KAME's IPsec utilities to Linux

net-misc/ipv6calc [p] [b] [h] [d] IPv6 address calculator

dev-libs/libelf [p] [b] [h|d] An ELF object file access library, alternative to elfutils

net-libs/libmicrohttpd [p] [b] [h] [d] A small C library to run an HTTP server as part of another application

net-libs/libnatpmp [p] [b] [h] Library which provides an alternative protocol to UPnP IGD specification.

dev-python/libnatpmp [p] [b] [h] Python module which provides an alternative protocol to UPnP IGD specification.

net-p2p/litecoind [p] [b] [h] [d] [r] P2P Internet currency based on Bitcoin but easier to mine.

net-p2p/litecoin-qt [p] [b] [h] [d] [r] P2P Internet currency based on Bitcoin but easier to mine, QT4 client.

linux-sources [p] [b] Virtual for all flavors of linux source.

dev-lua/luaevent [p] [b] [h] [d] [r] lua binding for libevent

net-misc/minissdpd [p] [b] [h] [d] maintain history of the SSDP NOTIFY to help MiniUPnPd and MiniUPnPc

www-servers/monkeyd [p] [b] [h] [d] [r] A small, fast, and scalable web server

www-apps/moodle [p] [b] [h] [d-19] [d-20] [d-21] [d-22] [d-23] [d-24] [d-25] [d-26] A popular course management system

net-p2p/multibit [p] [b] [h] [d] MultiBit is a secure, lightweight, international Bitcoin wallet written in Java

net-misc/nat-traverse [p] [b] [h] Use of UDP to traverse NAT gateways

net-proxy/obfsproxy [p] [b] [h] [d] [r] A tor-compliant pluggable transports proxy to obfuscate tor traffic

sys-apps/paxctl [p] [b] User-space utility to control PaX flags.

app-admin/paxtest [p] [b] Test suite for the PaX kernel patch.

dev-util/plan9port [p] [b] [h] [d] Port of many Plan 9 programs and libraries

net-p2p/ppcoind [p] [b] [h] [d] Cryptocurrency forked from Bitcoin which aims to be energy efficient.

net-p2p/ppcoin-qt [p] [b] [h] [d] Cryptocurrency forked from Bitcoin which aims to be energy efficient, QT4 client.

net-p2p/primecoind [p] [b] [h] [d] [r] P2P Internet currency based on Bitcoin but easier to mine.

net-p2p/primecoin-qt [p] [b] [h] [d] [r] P2P Internet currency based on Bitcoin but easier to mine, QT4 client.

dev-python/pypax [p] [b] [h] [r] Python module to get or set pax markings. It supports both PT_PAX and XT_PAX.

dev-python/pyptlib [p] [b] [h|r] Python library for tor's pluggable transport managed-proxy protocol

sys-apps/rsbac-admin [p] [b] [h] [r] RSBAC = Rule Set Based Access Control hardened kernel sources

sys-kernel/rsbac-sources [p] [b] [h] [r] Administrative interface for the RSBAC = Rule Set Based Access Control system.

dev-python/SchemaObject [p] [b] [h] [r] SchemaObject provides a simple Python object interface to a MySQL database schema.

dev-db/SchemaSync [p] [b] [h] [r] MySQL Schema Versioning and Migration Utility.

dev-python/slowaes [p] [b] [h] [d] AES implementation in pure Python

app-benchmarks/spew [p] [b] [h] [d] An I/O performance measurement and load generation tool.

app-backup/spideroak-bin [p] [b] [h] [C] An easy, secure and consolidated free online backup, storage, access and sharing system.

app-shells/squirrelsh [p] [b] [h] [d] An advanced, cross-platform object oriented scripting shell based on the squirrel scripting language.

net-misc/stunnel [p] [b] [h] [d] TLS/SSL - Port Wrapper.

www-servers/thttpd [p] [b] [h] [d] thttpd is a simple, small, portable, fast, and secure HTTP server.

net-misc/tinc [p] [b] [h] [d] tinc is an easy to configure VPN implementation

net-misc/tor [p] [b] [h] [d] [r] Anonymous online browsing

net-proxy/torsocks [p] [b] [h] [d] [r] Allows one to use most socks friendly applications with tor.

net-p2p/tribler [p] [b] [h] [d] [r] Bittorrent client that does not require a website to discover content.

app-forensics/unhide [p] [b] [h] [d] [r] A forensic tool to find hidden processes and TCP/UDP ports by rootkits/LKMs or other techniques.

dev-util/valgrind [p] [b] [h] [d] [r] A tool to help you find memory-management problems in your programs.

www-servers/varnish [p] [b] [h] [d] [r] A state-of-the-art, high-performance HTTP accelerator

net-misc/vidalia [p] [b] [h] [d] [r] A tool to help you find memory-management problems in your programs.

app-admin/webalizer [p] [b] [h] [d] The Webalizer is a fast, free web server log file analysis program.

app-admin/webapp-config [p] [b] [r] Gentoo's installer for web-based applications.

dev-libs/xapian [p] [b] [h] [d] A library which provides advanced indexing and search facilities

dev-libs/xapian-bindings [p] [b] [h] [d] Xapian bindings for lua, mono, perl, php, ruby and tcl

app-text/xapian-omega [p] [b] [h] [d] An application built on Xapian, consisting of indexers and a CGI search frontend.

dev-perl/Search-Xapian [p] [b] [h] [d] Perl XS frontend to the Xapian C++ search library.

net-firewall/xtables-addons [p] [b] [h] [d] [r] iptable extensions not yet accepted in the main kernel/iptables (patch-o-matic(-ng) successor).

Openrc Related: [b] [B]

SELinux Related: [b] [B]

sec-policy/* selinux policies

sys-libs/libselinux [p] [b] Provides an API for SELinux applications.

sys-apps/policycoreutils [p] [b] Contains the policy core utilities required for a SELinux system.

sys-libs/libsemanage [p] [b] SELinux policy management libraries.

sys-libs/libsepol [p] [b] SELinux library for manipulating binary security policies.

app-admin/setools [p] [b] SELinux policy analysis tools.

dev-python/sepolgen [p] [b] Python module needed for audit2allow

sys-apps/checkpolicy [p] [b] SELinux policy compiler

dev-python/python-selinux [p] [b] Python bindings for SELinux libselinux functions.

Git Repos/Overlays

My dev overlay which I use for staging ebuilds.

The hardened-sources patchset which I use for preparing the tarballs for the hardened project.

The hardened-docs where we work on documenting the hardened project before they go live.

The hardened-dev, an overlay where we work on hardened ebuilds before they go live.

The hardened-gccpatchset is our repo of patches against gcc for hardening.

The Openrc repo for the new baselayout-2.

The Gentoo/OpenBSD overlay for using prefix to install portage on OpenBSD

The elfix repo where I develop the elfix binaries

The webapp-config repo where we maintain webapp-config

The releng repo where I keep scripts related to production of uclibc releases

The catalyst repo, the code repository for our stage/livecd building system

The eudev fork of systemd and isolation of udev


Archive of elfkicker patches

Archive of cyassl

Archive of eudev

Archive of hardened-patches

Archive of gradm

Archive of luaevent

Archive of The selinux base policy patchbundle

Archive of torsocks tarballs made from repository

Archive of webapp-config

Open Bugs

Open bugs assigned to me

Open bugs reported by me

Open bugs I'm cc-ed

Open bugs I've commented on
