On 9/13/06, James <[EMAIL PROTECTED]> wrote:
Not sure I fully grasp what you mean by a 'hardened system'. If you mean running a hardened kernel with only necessary software installed, then yes, I run hardened kernels on most servers {dns, web, mail, firwalls....} If running a hardened system means more than that, please explain, or point me to some docs.
I guess I should have clarified when I made my initial suggestion. A hardened system is one that is running the hardened profile. All my server systems are built from the hardened stage 1 tarball. So basically, you should not use the hardened useflag if your system was not built with the hardened profile. Note that there is more to "hardening" a system than just using a certain profile or a combination of useflags but its a good start. -Mike -- ________________________________ Michael E. Crute http://mike.crute.org I may not have gone where I intended to go, but I think I have ended up where I intended to be. --Douglas Adams -- gentoo-user@gentoo.org mailing list