Gentoo Archives: gentoo-user

From: Peter Humphrey <peter@××××××××××××.uk>
To: gentoo-user@l.g.o
Subject: [gentoo-user] How to harden a system
Date: Sat, 23 Dec 2017 14:09:45
Message-Id: 2022504.K2LgkkC3Iq@peak
Hello list,

Now that grsecurity is off-limits, I'm left wondering how to go about 
hardening a no-multilib box that will be exposed to the Big Bad World.

To start with, it's not obvious which profile to use:

$ eselect profile list | grep no-multi | grep hardened
  [23]  default/linux/amd64/17.0/no-multilib/hardened
  [24]  default/linux/amd64/17.0/no-multilib/hardened/selinux
  [29]  hardened/linux/amd64/no-multilib
  [30]  hardened/linux/amd64/no-multilib/selinux

The wiki is also now out of date; it still talks about grsecurity, and there 
are too many overlapping guides.

Until that's sorted out, would the panel like to offer some guidance?

-- 
Regards,
Peter.

Replies

Subject Author
Re: [gentoo-user] How to harden a system Michael Orlitzky <mjo@g.o>
Re: [gentoo-user] How to harden a system Adam Carter <adamcarter3@×××××.com>
Re: [gentoo-user] How to harden a system "Taiidan@×××.com" <Taiidan@×××.com>