Hello again,
I installed a fresh Squeeze in a VM and activated SELinux as the wiki
page recommends. It works just fine (including DHCP - I tried the
default packages in Squeeze, didn't try Russell's since everything
worked anyway), with just a few caveats:
- bootmisc.sh doesn't seem to
Dear Russell,
On Freitag, 30. Dezember 2011, Russell Coker wrote:
I can't imagine what the benefit would be in using official packages that
I created and uploaded to Debian over using unofficial packages that I
created and couldn't get in a Squeeze update
Frankly, your lack of imagination is
On 12/31/11 02:55 , Russell Coker wrote:
Support for NX etc is a kernel/hardware issue. AMD64 hardware is more
capable in this regard but there are kernel patches to provide similar
things for i386. I'm not sure of the status of this in Debian.
Debian used to have Exec-shield, Ingo Molnar's
On Sat, 31 Dec 2011, Holger Levsen hol...@layer-acht.org wrote:
On Freitag, 30. Dezember 2011, Russell Coker wrote:
I can't imagine what the benefit would be in using official packages
that I created and uploaded to Debian over using unofficial packages
that I created and couldn't get in a
On Sat, 31 Dec 2011, Laurentiu Pancescu lpance...@googlemail.com wrote:
effective). I tested Exec-shield in Debian a few years ago, with and
without SELinux, it makes a big difference:
I just did a quick test on an i386 system with PAE running a 686 Squeeze
kernel.
SE Linux enforcing vs
On 12/31/11 12:04 , Holger Levsen wrote:
On Freitag, 30. Dezember 2011, Russell Coker wrote:
I can't imagine what the benefit would be in using official packages that
I created and uploaded to Debian over using unofficial packages that I
created and couldn't get in a Squeeze update
Frankly,
On 12/31/11 13:00 , Russell Coker wrote:
On Sat, 31 Dec 2011, Laurentiu Pancesculpance...@googlemail.com wrote:
effective). I tested Exec-shield in Debian a few years ago, with and
without SELinux, it makes a big difference:
I just did a quick test on an i386 system with PAE running a 686
On 31/12/11 12:24, Laurentiu Pancescu wrote:
I think now only grsecurity is available in Debian, providing similar
functionality (it does much more than exec-shield, but it's also more
intrusive - not sure if it's even possible to use SELinux at the same
time). I don't mean this in a bad
On Sat, 2011-12-31 at 18:19 +0100, Carlos Alberto Lopez Perez wrote:
On 31/12/11 12:24, Laurentiu Pancescu wrote:
I think now only grsecurity is available in Debian, providing similar
functionality (it does much more than exec-shield, but it's also more
intrusive - not sure if it's even
Hello,
I would like to harden a web server setup using SELinux. How good is the
support for SELinux on Squeeze? Are the instructions on the Debian Wiki
[1] up to date for Squeeze? I tried this last time on Lenny, and DHCP
couldn't work back then due to SELinux not letting modprobe load
On Fri, 30 Dec 2011, Laurentiu Pancescu lpance...@googlemail.com wrote:
I would like to harden a web server setup using SELinux. How good is the
support for SELinux on Squeeze? Are the instructions on the Debian Wiki
[1] up to date for Squeeze? I tried this last time on Lenny, and DHCP
On Sat, 31 Dec 2011, Laurentiu Pancescu lpance...@googlemail.com wrote:
is there any difference between i386 and amd64 as to how much protection
SELinux is able to provide? Earlier, stuff like NX was only available on
64-bit processors; are there still such differences?
There has never been
12 matches
Mail list logo