| 1 |
Well, hardened profile really did add some peace of mind to me, very rarely |
| 2 |
I found some app to be terminated thanks to stack smashing protection. I |
| 3 |
would like to have safe working environment, but the incompatibility cost |
| 4 |
me quite some time. Hardened would be the only choice for me if it was a |
| 5 |
server solution, but for notebook workstation with KDE it is quite |
| 6 |
inconvenient. ATI fglrx drivers have problems on hardened kernel (even with |
| 7 |
GrSec and PAX disabled, just thanks to other hardened patches), VirtualBox |
| 8 |
cannot be compiled using hardened gcc profile, when trying to emerge |
| 9 |
wxMaxima some of its dependencies refuse to be compiled on hardened profile |
| 10 |
(was it gnuplot? I am really not sure)... These are usually small amounts |
| 11 |
of time which I have to invest, but there is quite a bunch of them. On |
| 12 |
server I have no such problems and I am using hardened profile with lots of |
| 13 |
security features turned on without problems, but on desktop workstation it |
| 14 |
is quite a pain. |
| 15 |
Anyway I have already creates a partition and in some free time I have been |
| 16 |
installing Gentoo with default profile via chroot. When I have complete |
| 17 |
environment and all my data moved, I'll try to convert the profile, just |
| 18 |
out of curiosity... |
| 19 |
Peter |
Archives