>>3
No, I'm just wondering if there's better than that. Oh and
>>4
Gentoo Hardened
Who reviews packages? Does the package manager use digital signatures? Can an evil package maintainer inject a rootkit in the system due to a crappy package review process? Do enough people watch over version diffs and patches to eliminate security threats?