1 |
So I think I ll go for the RSBAC security, but I have a question....is it better to first install and configure all the services on the server and then add the rsbac or install a basic system and do the instal of RSBAC, and then the other services? |
2 |
|
3 |
|
4 |
|
5 |
----- Message d'origine ---- |
6 |
De : Francesco Riosa <BastianBalthazarBux@×××××××××.it> |
7 |
À : gentoo-hardened@l.g.o |
8 |
Envoyé le : Mercredi, 15 Novembre 2006, 17h53mn 19s |
9 |
Objet : Re: [gentoo-hardened] Which hardened (SUB)project |
10 |
|
11 |
Steev Klimaszewski wrote: |
12 |
> Francesco Riosa wrote: |
13 |
>> Brian Davis wrote: |
14 |
>>> |
15 |
>>> Francesco Riosa wrote: |
16 |
>>>> Brian Davis wrote: |
17 |
>>>> |
18 |
>>>>> The only comment I'll make is that Reiserfs doesn't support SELinux. |
19 |
>>>>> |
20 |
>>>> That it's "non issue" for a new server, reiser3 is getting obsolete, |
21 |
>>>> it's advantages are not enough to try the risk, |
22 |
>>> Why do you say that? |
23 |
>> - upstream has serious real life troubles |
24 |
>> - SuSE is not anymore so interested in reiser3 |
25 |
>> - a continuously changing linux kernel may lock a reiser user to an old |
26 |
>> version (pain for a security oriented system) |
27 |
>> - ext3 evolving and becoming ext4 in a reasonable mount of time |
28 |
>> - major advantages only with _many_ files in one single directory |
29 |
>> |
30 |
>> don't get me wrong I liked and still like reiserfs but it's time is gone |
31 |
>> |
32 |
> |
33 |
> I've been lurking on this list for a while, running a couple of |
34 |
> hardened servers, and the Gentoo guidelines for servers suggest reiser |
35 |
> as the fs. I guess my couple of questions are, |
36 |
> |
37 |
> 1) What does what SUSE's interest in reiser have to do with anything? |
38 |
> (Serious question here, not an attempt at a troll, I really am curious |
39 |
> as I don't follow along very closely) |
40 |
And it's a good question, reiserfs is opensource and so the interest of |
41 |
only a subject (SuSE) is moot, but my feelings are the the community is |
42 |
not any more interested in support reiser3 very much (obviously speaking |
43 |
of feelings this opinion is moot too ). |
44 |
Peter Volkov has already pointed out why and when SuSE decided to choose |
45 |
other roads (may worth read it). |
46 |
> |
47 |
> 2) Is there anything other than backing up a partition, and mkfs'ing |
48 |
> to a different format? I.E. some type of conversion utility for |
49 |
> reiserfs->other format? |
50 |
No, but backup and restore is not something that someone want to |
51 |
schedule expecially with a great amount of data |
52 |
, it may take hours (days) and the fact that you must consider it |
53 |
choosing reiserfs3 now is still a detractive point. |
54 |
|
55 |
|
56 |
People, this look like no more an "gentoo-hardened" issue, wont to end |
57 |
the discussion (if needed) via private mail? |
58 |
if you chose that, please write to "francesco"at"pnpitalia".it it's more |
59 |
likely to get an answer. |
60 |
sorry for the spam |
61 |
|
62 |
-- |
63 |
gentoo-hardened@g.o mailing list |
64 |
|
65 |
|
66 |
|
67 |
|
68 |
|
69 |
|
70 |
|
71 |
|
72 |
|
73 |
|
74 |
|
75 |
|
76 |
___________________________________________________________________________ |
77 |
Découvrez une nouvelle façon d'obtenir des réponses à toutes vos questions ! |
78 |
Profitez des connaissances, des opinions et des expériences des internautes sur Yahoo! Questions/Réponses |
79 |
http://fr.answers.yahoo.com |