Archives
Archives
| From: | bridavis@×××××××.net |
|---|---|
| To: | gentoo-user@l.g.o |
| Subject: | Re: [gentoo-user] Re: Simplified apache2 |
| Date: | Thu, 14 Sep 2006 02:57:06 |
| Message-Id: | 091420060251.11738.4508C398000C0EEE00002DDA22007610649C07900E0B079D0D@comcast.net |
| 1 | Thanks James! |
| 2 | |
| 3 | -------------- Original message -------------- |
| 4 | From: James <wireless@×××××××××××.com> |
| 5 | |
| 6 | > Brian Davis comcast.net> writes: |
| 7 | > |
| 8 | > |
| 9 | > > Can one covert a non-hardended machine to use the hardended-profile, or |
| 10 | > > do you have to start from scratch? |
| 11 | > |
| 12 | > |
| 13 | > Hello Brian, |
| 14 | > |
| 15 | > The short answer is YES. The correct answer is you have to |
| 16 | > read quite a lot (I'm in the middle of that) and decide |
| 17 | > which 'path/technology' you want to follow. Here's docs |
| 18 | > you should start looking at: |
| 19 | > |
| 20 | > http://www.gentoo.org/proj/en/hardened/primer.xml |
| 21 | > http://www.gentoo.org/proj/en/hardened/ |
| 22 | > |
| 23 | > I choose 'SElinux' as the path to follow for me |
| 24 | > that makes most sense. Since the NSA was the prime |
| 25 | > motivator, it's an easy path to convince my clients |
| 26 | > to follow. Although SElinux is not a complete |
| 27 | > solution, other complementary software combined with |
| 28 | > SElinux does provide for a complete (security) solution, |
| 29 | > almost..... |
| 30 | > |
| 31 | > |
| 32 | > http://www.gentoo.org/proj/en/hardened/selinux/ |
| 33 | > http://www.gentoo.org/proj/en/hardened/selinux/selinux-handbook.xml |
| 34 | > http://www.gentoo.org/proj/en/hardened/selinux/selinux-handbook.xml?part=2 |
| 35 | > |
| 36 | > hth, |
| 37 | > http://www.gentoo.org/proj/en/hardened/selinux/selinux-handbook.xml?part=2 |
| 38 | > James |
| 39 | > |
| 40 | > |
| 41 | > |
| 42 | > -- |
| 43 | > gentoo-user@g.o mailing list |
| 44 | > |