You are not logged in.
- Topics: Active | Unanswered
#1 2017-12-08 08:52:47
- beta990
- Member
- Registered: 2011-07-10
- Posts: 207
[SOLVED] linux-hardened or patched kernel with Appammor/SELinux?
I'm running Arch Linux on a production webserver, to protect the server and I use already implemented most things as describe in Security.
Also I'm aware of setting permission correctly.
Since Arch Linux doesn't do SELinux/Appammor by default, so what benefits would linux-hardened bring apart from things listed in Security?
Should I use a patched kernel with Appammor/SELinux or doesn't this bring any benefits?
Many thanks!
Last edited by beta990 (2017-12-19 09:56:23)
Offline
#2 2017-12-08 15:19:07
- Uriel_Bernhard48
- Member
- Registered: 2017-08-08
- Posts: 29
Re: [SOLVED] linux-hardened or patched kernel with Appammor/SELinux?
Linux-hardened brings some security benefits, i.e. better ASLR. It also has built-in SElinux but you will need to rebuild some userspace tools to gain actual advantages from it https://github.com/archlinuxhardened
Last edited by Uriel_Bernhard48 (2017-12-08 15:19:29)
Offline
#3 2017-12-08 16:08:00
- beta990
- Member
- Registered: 2011-07-10
- Posts: 207
Re: [SOLVED] linux-hardened or patched kernel with Appammor/SELinux?
Linux-hardened brings some security benefits, i.e. better ASLR. It also has built-in SElinux but you will need to rebuild some userspace tools to gain actual advantages from it https://github.com/archlinuxhardened
Thanks! So I'm just fine running linux-hardened on a server? 
Does it also support Apparmor?
Offline
#4 2017-12-08 16:22:14
- Uriel_Bernhard48
- Member
- Registered: 2017-08-08
- Posts: 29
Re: [SOLVED] linux-hardened or patched kernel with Appammor/SELinux?
No, Apparmor isn't supported. You need to rebuild kernel to enable it.
Offline