Gentoo Archives: gentoo-security

From: "Steve B." <rshadow@××××××××××××××.net>
To: Gentoo Security <gentoo-security@l.g.o>
Subject: [gentoo-security] grSecurity Information
Date: Fri, 09 Jan 2004 10:18:16
Hash: SHA1


  I was browsing the hardened gentoo website and attempting to configure ACL
and grSecurity in my kernel and of course have a few questions.

1. What is the difference between the hardened kernel sources and compiling
grSecurity and ACL support into the gentoo-sources?

2.  Are there any known options in grSecurity that break gentoo?  The reason
why I ask is because I attempted to follow the directions for enabling
grSecurity and something I enabled broke devfs.. when booting it dies with
some vfree() calls.

3.  My goal is to create a secure gentoo server.  What is the best way to go
about this?  I orginialy just compiled a gentoo system to get it all working,
then I got dns, mail and what not working.. barely..   Is it better to go
"secure" from the beginning? (For example I noticed stuff about bootstrapping
with ProPolice.. something I didn't do

4.  I don't know too much of the details of linux or security .. this stuff
kind of confuses me. Don't kill me or anything.. but I am comming from a
windows MFC / Win32API background.  However I want to learn (and help if I
can).  I have a particular learning style though.. It seems the only way I
can learn is "Here is how you do it, now here is why, and finnaly here is
about 50 examples of how to do it"

any guidence on grSecurity and such would be a great help.

Thank you,

- -- 
Q: What's another name for the "Intel Inside" sticker they put on Pentiums? 
A: Warning label. 
Version: GnuPG v1.2.3 (GNU/Linux)


gentoo-security@g.o mailing list


Subject Author
Re: [gentoo-security] grSecurity Information Stephen Clowater <steve@×××××××××××××××××.org>