Gentoo Packages

USE Flag: hardened

Search

Global Description

activate default security enhancements for toolchain (gcc, glibc, binutils)

Local and Metadata Descriptions

Metadata Descriptions (metadata.xml)

app-admin/kos: Harden output binary for security
app-backup/urbackup-server: Enables GCC runtime fortification
app-emulation/virtualbox-kvm: Enable hardening and install binaries SUID
app-misc/yafetch: Harden the package
dev-libs/mimalloc: Enable exploit mitigations
sci-libs/libqalculate: Disable unsafe functions like 'command' and variables like 'uptime'.
sys-kernel/cachyos-kernel: Enable hardened kernel patches for enhanced security
sys-kernel/cachyos-kernel-bin: Hardened kernel with BORE scheduler and security patches
sys-kernel/cachyos-sources: Enable hardened kernel patches for enhanced security
sys-kernel/femkvm-kernel: Use selection of hardening options recommended by Kernel Self Protection Project
sys-kernel/gentoo-kernel: Use selection of hardening options recommended by Kernel Self Protection Project
sys-kernel/xanmod-rt: Use selection of hardening options recommended by Kernel Self Protection Project
virtual/cachyos-sources: Require CachyOS kernel sources with hardened patches

Local Descriptions (use.local.desc)

app-emulation/virtualbox-kvm: Enable hardening and install binaries SUID
dev-libs/mimalloc: Enable exploit mitigations
net-dns/ddclient: Use iproute2 instead of ifconfig to grab an IP address
sci-libs/libqalculate: Disable unsafe functions like 'command' and variables like 'uptime'.
sys-kernel/gentoo-kernel: Use selection of hardening options recommended by Kernel Self Protection Project

Packages Using This Flag

Package	Local Description (use.local.desc)	Metadata Description (metadata.xml)
www-client/torbrowser	-	-
sys-kernel/cachyos-kernel	-	Enable hardened kernel patches for enhanced security
sys-kernel/cachyos-kernel-bin	-	Hardened kernel with BORE scheduler and security patches
sys-kernel/cachyos-sources	-	Enable hardened kernel patches for enhanced security
virtual/cachyos-sources	-	Require CachyOS kernel sources with hardened patches
www-client/firefox	-	-
media-libs/opus	-	-
sys-cluster/flux	-	-
sys-cluster/minikube	-	-
sys-kernel/asahi-kernel	-	-
app-containers/docker-cli	-	-
mail-client/thunderbird	-	-
cross-x86_64-unknown-linux-musl/binutils	-	-
app-admin/kos	-	Harden output binary for security
app-misc/yafetch	-	Harden the package
app-containers/containerd	-	-
app-containers/runc	-	-
sys-kernel/femkvm-kernel	-	Use selection of hardening options recommended by Kernel Self Protection Project
sys-kernel/femxen-kernel	-	-
app-admin/clsync	-	-
app-emulation/virtualbox-kvm	Enable hardening and install binaries SUID	Enable hardening and install binaries SUID
app-misc/jdupes	-	-
dev-libs/mimalloc	Enable exploit mitigations	Enable exploit mitigations
dev-ruby/rjb	-	-
games-emulation/dosbox	-	-
llvm-core/clang-common	-	-
media-gfx/imagemagick	-	-
media-libs/libraw	-	-
net-analyzer/suricata	-	-
net-misc/cgminer	-	-
net-misc/udpcast	-	-
net-vpn/tor	-	-
sci-libs/libqalculate	Disable unsafe functions like 'command' and variables like 'uptime'.	Disable unsafe functions like 'command' and variables like 'uptime'.
sys-devel/binutils	-	-
sys-devel/binutils-hppa64	-	-
sys-devel/distcc	-	-
sys-kernel/gentoo-kernel	Use selection of hardening options recommended by Kernel Self Protection Project	Use selection of hardening options recommended by Kernel Self Protection Project
sys-kernel/vanilla-kernel	-	-
sys-kernel/xanmod-rt	-	Use selection of hardening options recommended by Kernel Self Protection Project
dev-libs/glib	-	-
net-dns/dnscrypt-proxy	-	-
x11-libs/gnome-pty-helper	-	-
mail-mta/postfix	-	-
www-client/librewolf	-	-
net-misc/tlsdate	-	-
sys-kernel/mnt-reform-kernel	-	-
app-backup/urbackup-client	-	-
app-backup/urbackup-server	-	Enables GCC runtime fortification
www-client/icecat	-	-
pentoo/pentoo-rce	-	-
sys-kernel/gentoo-kernel-ps3	-	-
net-analyzer/f2b	-	-
net-misc/ccminer	-	-
games-emulation/dosbox-x	-	-