From: | bridavis@×××××××.net |
---|---|
To: | gentoo-user@l.g.o |
Subject: | Re: [gentoo-user] Re: Simplified apache2 |
Date: | Thu, 14 Sep 2006 02:57:06 |
Message-Id: | 091420060251.11738.4508C398000C0EEE00002DDA22007610649C07900E0B079D0D@comcast.net |
1 | Thanks James! |
2 | |
3 | -------------- Original message -------------- |
4 | From: James <wireless@×××××××××××.com> |
5 | |
6 | > Brian Davis comcast.net> writes: |
7 | > |
8 | > |
9 | > > Can one covert a non-hardended machine to use the hardended-profile, or |
10 | > > do you have to start from scratch? |
11 | > |
12 | > |
13 | > Hello Brian, |
14 | > |
15 | > The short answer is YES. The correct answer is you have to |
16 | > read quite a lot (I'm in the middle of that) and decide |
17 | > which 'path/technology' you want to follow. Here's docs |
18 | > you should start looking at: |
19 | > |
20 | > http://www.gentoo.org/proj/en/hardened/primer.xml |
21 | > http://www.gentoo.org/proj/en/hardened/ |
22 | > |
23 | > I choose 'SElinux' as the path to follow for me |
24 | > that makes most sense. Since the NSA was the prime |
25 | > motivator, it's an easy path to convince my clients |
26 | > to follow. Although SElinux is not a complete |
27 | > solution, other complementary software combined with |
28 | > SElinux does provide for a complete (security) solution, |
29 | > almost..... |
30 | > |
31 | > |
32 | > http://www.gentoo.org/proj/en/hardened/selinux/ |
33 | > http://www.gentoo.org/proj/en/hardened/selinux/selinux-handbook.xml |
34 | > http://www.gentoo.org/proj/en/hardened/selinux/selinux-handbook.xml?part=2 |
35 | > |
36 | > hth, |
37 | > http://www.gentoo.org/proj/en/hardened/selinux/selinux-handbook.xml?part=2 |
38 | > James |
39 | > |
40 | > |
41 | > |
42 | > -- |
43 | > gentoo-user@g.o mailing list |
44 | > |