| 1 |
On 2011-12-10 3:07 PM, Matthew Finkel <matthew.finkel@×××××.com> wrote: |
| 2 |
> |
| 3 |
> You may be able to get a better response from the -hardened list, |
| 4 |
|
| 5 |
Dang, I had forgotten gentoo has a bunch of other lists... thanks, just |
| 6 |
subscribed... |
| 7 |
|
| 8 |
> but I built a hardened server a few months ago without much |
| 9 |
> difficulty. As far as I know, the correct model to use depends on |
| 10 |
> what you want to do with the server/what security you are looking to |
| 11 |
> implement. When I went hardened, I used PaX and grsec [1] because it |
| 12 |
> offered the security I was looking for but didn't restrict userland |
| 13 |
> usability on a server on which I was the only user. My understanding |
| 14 |
> is that this restriction would be a consequence of using SeLinux. |
| 15 |
|
| 16 |
Yeah, I was leaning toward avoiding SeLinux already from what I've been |
| 17 |
reading, thanks... |
| 18 |
|
| 19 |
> [1] http://www.gentoo.org/proj/en/hardened/grsecurity.xml |
| 20 |
> |
| 21 |
> As for a solid comparison of the different models and tutorials for |
| 22 |
> them, I don't know of any. I just used [1] as well as the PaX page to |
| 23 |
> install and configure them and I didn't run into any problems. |
| 24 |
|
| 25 |
Good to know, and thanks again... |
Archives