| 1 |
On Wednesday 10 June 2009 14:24:44 RB wrote: |
| 2 |
> If you choose to pursue this route, I highly suggest |
| 3 |
> at least looking at the grsecurity RBAC that is built into (and |
| 4 |
> supported in) the hardened-sources kernel. |
| 5 |
Well, I have such a kernel right now and quite likely, there is no need to |
| 6 |
rebuild it. I only lack some good information about how to set that Apache |
| 7 |
chroot up properly. Honestly I now tend to assume, my server is and will be |
| 8 |
only a mortal one, so I even consider just running it plainly. But if thats |
| 9 |
not an overkill, I'd like to jail Apache! Maybe you have some link...? |
| 10 |
|
| 11 |
Chris, maybe I don't really need v-server? And yes, virtualisation is too |
| 12 |
heavy. |
| 13 |
|
| 14 |
Jan |
Archives