View previous topic :: View next topic |
Author |
Message |
GNUtoo Veteran
Joined: 05 May 2005 Posts: 1919
|
Posted: Thu Jun 29, 2006 7:51 am Post subject: selinux and hardened gentoo questions |
|
|
what is the state of selinux for workstations...i want to use selinux on my computer...
can i use selinux for server?
can i use reiserfs?
what is the performance overhead?
i found an oreilly book about selinux do i need to buy it in order to know how to customise selinux?
i prefer selinux over others system because it's integrated in the kernel
for example i use the 2.6.17 kernel and there isn't any 2.6.17 hardened kernel yet
when will gentoo will have:
*app armor
*exec shield
Last edited by GNUtoo on Sat Jul 01, 2006 8:33 am; edited 1 time in total |
|
Back to top |
|
|
justwantstohelp Apprentice
Joined: 29 Jun 2006 Posts: 251 Location: Sacramento, California
|
Posted: Thu Jun 29, 2006 9:47 am Post subject: |
|
|
Hardened gentoo makes SELinux very easy to install. Using it properly, however, is another matter. You may need the book if you have never used it before. Use your judgement (and your bank account balance).
You can also use it alongside GRSecurity and PAX:
http://www.gentoo.org/proj/en/hardened/selinux/selinux-handbook.xml?part=3&chap=3
Quote: | Can I use SELinux with my primary filesystems?
SELinux can be used with ext2, ext3, JFS, and XFS. Reiserfs (Reiser3) has extended attributes, but the support was never complete, and has been broken since 2.6.14. Reiser4 is not supported. |
|
|
Back to top |
|
|
GNUtoo Veteran
Joined: 05 May 2005 Posts: 1919
|
Posted: Thu Jun 29, 2006 11:10 am Post subject: |
|
|
ok so i'll buy the book if i decide to use selinux |
|
Back to top |
|
|
GNUtoo Veteran
Joined: 05 May 2005 Posts: 1919
|
Posted: Sat Jul 01, 2006 8:34 am Post subject: |
|
|
do anyone know when some security options such as pax will be in the vanilla kernel? |
|
Back to top |
|
|
|