Hardening in 9.04 (Desktop)

Asked by Seibod

Is anyone aware of which hardening measures have been taken in the 9.04 "Desktop" edition?

All info I found was regarding the server edition. I think of things like ASLR, PIE/PIC, SSP etc.

Thanks, Seibod

Question information

Language: English
Status: Solved
For: Ubuntu
Assignee: No assignee
Solved by: Michael Lustfield

Michael Lustfield (michaellustfield) said :
#1

A lot of the methods to harden servers have been brought over to the desktop. Ubuntu works to be secure without being overbearing. If you want a very notable secure system, you can use BSD. These are the people that "focus on nothing but security."

If you want to harden your desktop further, you can check out Bastille and SELinux. Those two tools can help you greatly harden a system, but you may be left with your system being unusable too.

There's a line between secure and insane. Ubuntu tries to stay on the sane side of things. Every release has contained many notable security upgrades. 9.04 has better support for encrypted home directories for one.

Seibod (33dbbd34-5f99-4f16-a264-fe5769b08058) said :
#2

Thanks for your reply, I know Ubuntu is doing much for providing security, but the question was "which concrete measurements have been taken"? AFAIK ASLR is turned on (or is this information related to the server image only), is PIE enabled for all binaries in x86_64 or for network services only (or completely disabled for the desktop image)? Is all userland compiled using SSP and FORTIFY_SOURCES?

I am used to working with the hardened Gentoo toolchain, perhaps there is a comparison of the two?

Best Michael Lustfield (michaellustfield) said :
#3

#ubuntu-motu can probably help you answer each of these questions. There's also #ubuntu-hardened

Seibod (33dbbd34-5f99-4f16-a264-fe5769b08058) said :
#4

Thanks Michael Lustfield, that solved my question.
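
The questions in post #2 (is ASLR on, which binaries are PIE, is userland built with SSP and fortification) can be checked directly on an installed system. The following is an added example, not part of the original thread and not an Ubuntu tool; the function names and the two sample images are constructed for illustration, and the symbol-name search is a heuristic for dynamically linked glibc binaries.

```python
import re
import struct
import sys

ET_EXEC, ET_DYN = 2, 3  # e_type values from the ELF specification

def elf_hardening(data: bytes) -> dict:
    """Report PIE / SSP / FORTIFY indicators for one ELF image."""
    if len(data) < 18 or data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    endian = "<" if data[5] == 1 else ">"  # EI_DATA: 1 = little-endian
    (e_type,) = struct.unpack_from(endian + "H", data, 16)
    # Heuristic: glibc's checked helpers (__memcpy_chk, __sprintf_chk, ...)
    # show up as NUL-terminated names in the string tables.
    fortified = set(re.findall(rb"__[a-z0-9]+_chk(?=\x00)", data))
    return {
        "pie": e_type == ET_DYN,  # shared libraries are ET_DYN as well
        "ssp": b"__stack_chk_fail" in data,
        "fortify": sorted(name.decode() for name in fortified),
    }

def aslr_mode(path="/proc/sys/kernel/randomize_va_space"):
    """0 = off, 1 = stack/mmap/vDSO, 2 = also brk heap; None if unreadable."""
    try:
        with open(path) as fh:
            return int(fh.read().strip())
    except (OSError, ValueError):
        return None

def make_sample(e_type: int, names: list) -> bytes:
    """Constructed input: 64-bit little-endian ELF ident, e_type, name blob."""
    ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + b"\x00" * 8
    pad = b"\x00" * 46  # fill out the 64-byte ELF64 header
    return ident + struct.pack("<H", e_type) + pad + b"\x00".join(names) + b"\x00"

SAMPLE_HARDENED = make_sample(ET_DYN, [b"__stack_chk_fail", b"__memcpy_chk"])
SAMPLE_PLAIN = make_sample(ET_EXEC, [b"memcpy", b"puts"])

if __name__ == "__main__":
    print("ASLR (randomize_va_space):", aslr_mode())
    for path in sys.argv[1:]:          # e.g. /bin/ls /usr/sbin/sshd
        with open(path, "rb") as fh:
            print(path, elf_hardening(fh.read()))
    if len(sys.argv) == 1:             # no files given: use constructed samples
        print("hardened sample:", elf_hardening(SAMPLE_HARDENED))
        print("plain sample:   ", elf_hardening(SAMPLE_PLAIN))
```

A missing `__stack_chk_fail` does not prove a binary was built without SSP, since a program with no functions that need a canary never references the symbol.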