1 |
Hello list, |
2 |
|
3 |
Now that grsecurity is off-limits, I'm left wondering how to go about |
4 |
hardening a no-multilib box that will be exposed to the Big Bad World. |
5 |
|
6 |
To start with, it's not obvious which profile to use: |
7 |
|
8 |
$ eselect profile list | grep no-multi | grep hardened |
9 |
[23] default/linux/amd64/17.0/no-multilib/hardened |
10 |
[24] default/linux/amd64/17.0/no-multilib/hardened/selinux |
11 |
[29] hardened/linux/amd64/no-multilib |
12 |
[30] hardened/linux/amd64/no-multilib/selinux |
13 |
|
14 |
The wiki is also now out of date; it still talks about grsecurity, and there |
15 |
are too many overlapping guides. |
16 |
|
17 |
Until that's sorted out, would the panel like to offer some guidance? |
18 |
|
19 |
-- |
20 |
Regards, |
21 |
Peter. |