Are you REALLY using hardening Kernel technologies ?
Forum rules
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 6 months after creation.
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 6 months after creation.
Are you REALLY using hardening Kernel technologies ?
Are you using hardening / security policy systems such as SELinux, Grsecurity, Apparmor, or other ones (?), in your main Operating System(s) ?
Please share your experience, advantages/disadvantages, easy to use, or not, the strengh of your security policy, etc ! Thanks !
Please share your experience, advantages/disadvantages, easy to use, or not, the strengh of your security policy, etc ! Thanks !
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 1 time in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
- Pilosopong Tasyo
- Level 6
- Posts: 1432
- Joined: Mon Jun 22, 2009 3:26 am
- Location: Philippines
Re: Are you REALLY using hardening Kernel technologies ?
Not a support question. Moved to Chat about Linux.
o Give a man a fish and he will eat for a day. Teach him how to fish and he will eat for a lifetime!
o If an issue has been fixed, please edit your first post and add the word [SOLVED].
o If an issue has been fixed, please edit your first post and add the word [SOLVED].
Re: Are you REALLY using hardening Kernel technologies ?
OK, thanks !
In case of "others", would you please share with us what tools/tricks/methods are you using ?
PS : the poll is anonymous, don't be affraid to answer !
Thank you very much !
In case of "others", would you please share with us what tools/tricks/methods are you using ?
PS : the poll is anonymous, don't be affraid to answer !
Thank you very much !
Re: Are you REALLY using hardening Kernel technologies ?
I use Tomoyo (LSM) on my Debian servers which are opened to the Internet.
Re: Are you REALLY using hardening Kernel technologies ?
My guess is: it would make a difference if you are using a linux distro as a server or as a desktop. Most people here use LM as a desktop and probably just use LM as is - not bothering to add stuffs.
Sheng-Chieh
Sheng-Chieh
Re: Are you REALLY using hardening Kernel technologies ?
It is the users that need to be hardened, not the kernel.
</opinion>
Slackware: hardened by default.
</opinion>
Slackware: hardened by default.
Re: Are you REALLY using hardening Kernel technologies ?
It would be an enormous and really very interesting discussion. I agree ! Please, do not open a topic on that subject, I need to keep a little bit of free time !Habitual wrote:It is the users that need to be hardened, not the kernel.
</opinion>
-
- Level 4
- Posts: 277
- Joined: Sun Apr 24, 2011 1:51 am
Re: Are you REALLY using hardening Kernel technologies ?
I use apparmor under Mint but I use none under Manjaro.
I wanted to use selinux so I installed Fedora 20 but after installing the Nvidia driver from rpmfusion I got a black screen with a blinking cursor.
I wanted to use selinux so I installed Fedora 20 but after installing the Nvidia driver from rpmfusion I got a black screen with a blinking cursor.
Re: Are you REALLY using hardening Kernel technologies ?
If users need to be hardened, you're doing it wrong...
Voted grsecurity.
Voted grsecurity.
Re: Are you REALLY using hardening Kernel technologies ?
Apparmor enabled for system and for additional chromium sandboxing I have enabled YAMA (chrome://sandboxing =>
SUID Sandbox Yes
PID namespaces Yes
Network namespaces Yes
Seccomp-BPF sandbox YEs
Yama LSM enforcing YES
.
SUID Sandbox Yes
PID namespaces Yes
Network namespaces Yes
Seccomp-BPF sandbox YEs
Yama LSM enforcing YES
.