Re: [gentoo-user] Gentoo or Linux from Scratch - Perspectives?
Jerry McBride <[EMAIL PROTECTED]> skribis: > On Sunday 14 August 2005 06:06 pm, Volker Armin Hemmann wrote: > > On Sunday 21 August 2005 22:05, Jerry McBride wrote: > > > What and where EXACTLY is gentoo behind any other release? > > > > gcc4 > > > > since fedora switched to gcc4, all the version-number-junkies got itchy. > > > > Is not too bad, if some of them go to fedora... > > We must not be on the same page If you WANT gcc4 you can certainly have > it > in Gentoo. Another thing, too, and I don't know if this is the case with Fedora, but a binary distribution isn't necessarily all compiled with the installed compiler. It probably ought to be, but it doesn't have to be. A few adventurous individuals (not I) have been using gcc4 to build ~amd64 stuff and there are still some packages that give trouble. pgpgNxWbIucmh.pgp Description: PGP signature
Re: [gentoo-user] AMD64: "vanilla-sources" and the risk of using them
> >I grab my sources directly from kernel.org and then apply the patch > >from grsecurity.org. Then I can choose what security features to > >enable, and it's a little adventure Rumen Yotov <[EMAIL PROTECTED]> wrote: > Better to use 'hardened-sources' (former 'hardened-dev-sources') if it's > available on AMD-64 profiles. Hardened sources has the disadvantage of not including test or CVS versions of grsecurity. If you don't use that sort of thing, hardened sources is okay. -- [EMAIL PROTECTED]http://www.chemoelectric.org pgpudogkxRYLY.pgp Description: PGP signature
Re: [gentoo-user] AMD64: "vanilla-sources" and the risk of using them
Holly Bostick <[EMAIL PROTECTED]> wrote: > Michael Haan schreef: > > I *think* I know what they are, what risk do I run by using them? > > ... > The kernel doesn't get any more risk-free than vanilla-sources, because > if those sources are broken then Linux is broken. Uh oh, in that case we all are in trouble! :) I grab my sources directly from kernel.org and then apply the patch from grsecurity.org. Then I can choose what security features to enable, and it's a little adventure. What I used to do (when I was running Slackware rather than Gentoo) is grab kernel.org sources and then apply the patch from openwall.com, and there also I could choose security features, though there was less adventure. :) There's a lot of room for doing things differently from the kernel sources that happen to be in portage. Generally speaking, if you are concerned about security you would want to use Linux 2.4 (or perhaps even 2.2 or 2.0) instead of Linux 2.6, but with Gentoo AMD64 only 2.6 is supported, so you work with what you've got. -- [EMAIL PROTECTED]http://www.chemoelectric.org pgpguefynHIR3.pgp Description: PGP signature
Re: [gentoo-user] Users with access to shell!
[EMAIL PROTECTED] wrote: > I have users accessing to the bash shell of my Gentoo Server, my > question is: > > How can secure my server with this users accessing to shell? , > > How can I monitor this server to see what users have done? Is there > available tools for that? > > I'd like to allow every user to access ONLY its home directory, I mean > he only can work in his directory... This isn't a great situation, but the only thing I can think of that comes close is to use mandatory access controls, such as grsecurity's RBAC. -- [EMAIL PROTECTED]http://www.chemoelectric.org pgptgBvC178K6.pgp Description: PGP signature