* Re: [gentoo-user] How to harden a system
@ 2017-12-23 17:46 99% ` Michael Orlitzky
0 siblings, 0 replies; 1+ results
From: Michael Orlitzky @ 2017-12-23 17:46 UTC (permalink / raw
To: gentoo-user
On 12/23/2017 09:09 AM, Peter Humphrey wrote:
> Hello list,
>
> Now that grsecurity is off-limits, I'm left wondering how to go about
> hardening a no-multilib box that will be exposed to the Big Bad World.
You can still use grsec/pax if you're willing to stick with an older
(LTS) kernel:
https://github.com/minipli/linux-unofficial_grsec/tree/linux-4.9.x-unofficial_grsec
> To start with, it's not obvious which profile to use:
>
> $ eselect profile list | grep no-multi | grep hardened
> [23] default/linux/amd64/17.0/no-multilib/hardened
> [24] default/linux/amd64/17.0/no-multilib/hardened/selinux
One of those two, depending on whether or not you use SELinux.
^ permalink raw reply [relevance 99%]
Results 1-1 of 1 | reverse | options above
-- pct% links below jump to the message on this page, permalinks otherwise --
2017-12-23 14:09 [gentoo-user] How to harden a system Peter Humphrey
2017-12-23 17:46 99% ` Michael Orlitzky
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox