| View previous topic :: View next topic |
| Author |
Message |
jentuu
n00b
Joined: 26 Jan 2006
Posts: 41
Location: Georgia, Tbilisi
|
 Posted: Wed Nov 11, 2020 11:15 am Post subject: question about gentoo security |
 |
|
Hello guys I have one question:
Should I harden Gentoo Linux OS security with layer like selinux/apparmoor or it is as secure as possible by default with latest kernels?
P.S. does gentoo hardened profile provides any benefit after latest kernels security improvements?
_________________
just emerge |
|
| Back to top |
|
 |
NeddySeagoon
Administrator
Joined: 05 Jul 2003
Posts: 55005
Location: 56N 3W
|
| Posted: Wed Nov 11, 2020 6:39 pm Post subject: |
|
|
jentuu,
Security doesn't work like that.
First, define the threats that you wan to defend against.
Now deploy defences to defend against those threats.
There is a trade off between security and usability. You heed to define for yourself what the tradeoff is for you.
e.g. Threat, attacks delivered via the internet.
Defence, do not install a network connection.
That's a rather vague threat. Its mostly countered by the defence but it has a huge impact on usability.
An air gapped system is fine (and expected) for manipulating crypto keys but you may not want to use it as your everyday desktop system.
Hardening ads a little but its mostly in Gentoo by default now.
There are some kernel configuration settings you should take note of.
Don't run any software or services you don't need. The more code you have running the bigger the attack surface.
Keep in mind Security too.
_________________
Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
| Back to top |
|
|
jentuu
n00b
Joined: 26 Jan 2006
Posts: 41
Location: Georgia, Tbilisi
|
| Posted: Sat Nov 14, 2020 7:45 pm Post subject: |
|
|
NeddySeagoon thats clear thank you for reply
_________________
just emerge |
|
| Back to top |
|
|
|
Networking & Security
