Gentoo Archives: gentoo-hardened

From: Mathieu CASTEL <mathieucastel@×××××.fr>
To: gentoo-hardened@l.g.o
Subject: Re : [gentoo-hardened] Which hardened (SUB)project
Date: Fri, 17 Nov 2006 10:58:34
Message-Id: 20061117105637.20418.qmail@web32004.mail.mud.yahoo.com
1 So I think I ll go for the RSBAC security, but I have a question....is it better to first install and configure all the services on the server and then add the rsbac or install a basic system and do the instal of RSBAC, and then the other services?
2
3
4
5 ----- Message d'origine ----
6 De : Francesco Riosa <BastianBalthazarBux@×××××××××.it>
7 À : gentoo-hardened@l.g.o
8 Envoyé le : Mercredi, 15 Novembre 2006, 17h53mn 19s
9 Objet : Re: [gentoo-hardened] Which hardened (SUB)project
10
11 Steev Klimaszewski wrote:
12 > Francesco Riosa wrote:
13 >> Brian Davis wrote:
14 >>>
15 >>> Francesco Riosa wrote:
16 >>>> Brian Davis wrote:
17 >>>>
18 >>>>> The only comment I'll make is that Reiserfs doesn't support SELinux.
19 >>>>>
20 >>>> That it's "non issue" for a new server, reiser3 is getting obsolete,
21 >>>> it's advantages are not enough to try the risk,
22 >>> Why do you say that?
23 >> - upstream has serious real life troubles
24 >> - SuSE is not anymore so interested in reiser3
25 >> - a continuously changing linux kernel may lock a reiser user to an old
26 >> version (pain for a security oriented system)
27 >> - ext3 evolving and becoming ext4 in a reasonable mount of time
28 >> - major advantages only with _many_ files in one single directory
29 >>
30 >> don't get me wrong I liked and still like reiserfs but it's time is gone
31 >>
32 >
33 > I've been lurking on this list for a while, running a couple of
34 > hardened servers, and the Gentoo guidelines for servers suggest reiser
35 > as the fs. I guess my couple of questions are,
36 >
37 > 1) What does what SUSE's interest in reiser have to do with anything?
38 > (Serious question here, not an attempt at a troll, I really am curious
39 > as I don't follow along very closely)
40 And it's a good question, reiserfs is opensource and so the interest of
41 only a subject (SuSE) is moot, but my feelings are the the community is
42 not any more interested in support reiser3 very much (obviously speaking
43 of feelings this opinion is moot too ).
44 Peter Volkov has already pointed out why and when SuSE decided to choose
45 other roads (may worth read it).
46 >
47 > 2) Is there anything other than backing up a partition, and mkfs'ing
48 > to a different format? I.E. some type of conversion utility for
49 > reiserfs->other format?
50 No, but backup and restore is not something that someone want to
51 schedule expecially with a great amount of data
52 , it may take hours (days) and the fact that you must consider it
53 choosing reiserfs3 now is still a detractive point.
54
55
56 People, this look like no more an "gentoo-hardened" issue, wont to end
57 the discussion (if needed) via private mail?
58 if you chose that, please write to "francesco"at"pnpitalia".it it's more
59 likely to get an answer.
60 sorry for the spam
61
62 --
63 gentoo-hardened@g.o mailing list
64
65
66
67
68
69
70
71
72
73
74
75
76 ___________________________________________________________________________
77 Découvrez une nouvelle façon d'obtenir des réponses à toutes vos questions !
78 Profitez des connaissances, des opinions et des expériences des internautes sur Yahoo! Questions/Réponses
79 http://fr.answers.yahoo.com

Replies

Subject Author
Re: Re : [gentoo-hardened] Which hardened (SUB)project Brian Davis <bridavis@×××××××.net>