From: Hinnerk van Bruinehsen <h.v.bruinehsen@fu-berlin.de>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Anyone running a hardened profile?
Date: Sun, 6 Sep 2015 22:59:45 +0200 [thread overview]
Message-ID: <20150906205945.GC12340@AndTheirFacesAreTwistedWithThePainOfTheLiving.alshain.ring0> (raw)
In-Reply-To: <20150906131517.52e8d6a0@a6>
Hello walt,
I've running hardened (hardened profile + kernel (including pax and grsec)) for
at least 5 years on all my boxes except one (my gaming only box).
It's been quite a while that I had an issue caused by the hardened profile that
wasn't due to my fiddeling around with stuff like SELinux and the like. Even
these problems were all relatively easy to solve.
Truth be told: I guess that you won't even notice the hardened profile unless
you also run a hardened kernel (while still having increased security).
On Sun, Sep 06, 2015 at 01:15:17PM -0700, walt wrote:
> https://wiki.gentoo.org/wiki/Hardened_Gentoo
>
> That wiki page is very seductive. It makes me want to drop everything
> and select a hardened profile and re-emerge everything from scratch.
>
> But I have a feeling I'd soon be in big trouble if I did. Is this
> something that only gentoo devs should be messing with, or is this
> a project that a typical gentoo end-user might hope to accomplish
> without frequent suicidal thoughts?
next prev parent reply other threads:[~2015-09-06 21:00 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-09-06 20:15 [gentoo-user] Anyone running a hardened profile? walt
2015-09-06 20:52 ` [gentoo-user] " James
2015-09-06 20:59 ` Hinnerk van Bruinehsen [this message]
2015-09-06 21:53 ` [gentoo-user] " Fernando Rodriguez
2015-09-07 17:02 ` wabenbau
2015-09-08 1:07 ` Fernando Rodriguez
2015-09-06 22:06 ` Michael Orlitzky
2015-09-07 17:10 ` wabenbau
2015-09-07 18:27 ` Michael Orlitzky
2015-09-08 1:15 ` [gentoo-user] " walt
2015-09-08 1:34 ` Fernando Rodriguez
2015-09-08 1:38 ` Michael Orlitzky
2015-09-08 20:42 ` Fernando Rodriguez
2015-09-06 23:09 ` [gentoo-user] " Andreas K. Huettel
2015-09-07 17:07 ` wabenbau
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150906205945.GC12340@AndTheirFacesAreTwistedWithThePainOfTheLiving.alshain.ring0 \
--to=h.v.bruinehsen@fu-berlin.de \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox