Has anyone every successfully deployed an LIDS-patched kernel on a production Linux server? Although LIDS makes the system impossible to abuse, it also makes it impossible to administer! I've created a baseline policy for init/shutdown and almost every services but still feel reluctant using it on a real server.
Nawapong Nakjang IT Security Specialist Security Team, Network Operation Center KSC Commercial Internet Co, Ltd. E-Mail: [EMAIL PROTECTED] PGP Key: -----BEGIN PGP PUBLIC KEY BLOCK----- Version: PGP 8.0.2 mQGiBD7/pu8RBADQUn8Cu8paRp3RCOjTaCSn60A+WmeWaR8rJlbVMVAwQHC+ukmK /NQXjrVal4m2hPN7rDdqPfzIq6+Qqxnl/ABUsC+/Vdl6cUWS2epDnNCU/zsAkvoO 1IrVt4Onu5kazu5zQRSZzvfz6VypKz0lL95iG+zQ4N/8ySl2ulbwV4n8fwCg/0RT 2q04ROhCKARc7v/fqGr7s8sEAKFkrIluQ893iBfu0WzWX0KwegQCPtXqIslya2Ac Armke/IaXWUL2bteF8WdaG5Z7BEBhw+6s7jeGIazgCCvN4a8P20o2t1lte5fQP3X JpBsj52ALKX+vD92KA6gTlYX+1GOd8ay4KxEbIB8EVOntHU9Q274FJDpa9GWONzF h9ZaBACRwgsNiBc/m1jht57fyDLG/e+kAZCUeen/hROok+1XZYluJd24hfFTFgzT kn7Q3cN2AM2ZuDtLBCeonyTOJKy2ynvoD/yWjIUA9dIE+XWGrgQffr4A32zjOl7/ BdRFjRpbxrq+QCw49JPNLJWfkrRqpEJDer0dzpyxpPWnjDcRwrQfTmF3YXBvbmcg TmFramFuZyA8dG9ueUBrc2MubmV0PokAWAQQEQIAGAUCPv+m7wgLCQgHAwIBCgIZ AQUbAwAAAAAKCRCoZlyho4t6xh5jAJ9YvbrO/Db2UX4pc8CdwahP+esF2wCgjZhQ 6uAQENGza7pNEviVAiszTyi5Ag0EPv+m7xAIAPZCV7cIfwgXcqK61qlC8wXo+VMR OU+28W65Szgg2gGnVqMU6Y9AVfPQB8bLQ6mUrfdMZIZJ+AyDvWXpF9Sh01D49Vlf 3HZSTz09jdvOmeFXklnN/biudE/F/Ha8g8VHMGHOfMlm/xX5u/2RXscBqtNbno2g pXI61Brwv0YAWCvl9Ij9WE5J280gtJ3kkQc2azNsOA1FHQ98iLMcfFstjvbzySPA Q/ClWxiNjrtVjLhdONM0/XwXV0OjHRhs3jMhLLUq/zzhsSlAGBGNfISnCnLWhsQD GcgHKXrKlQzZlp+r0ApQmwJG0wg9ZqRdQZ+cfL2JSyIZJrqrol7DVekyCzsAAgIH /ioTHmSpvAE8LN4CzkVl79nI6/c4D+7lwDjWd62U0NeM05NoI0EqVooudphX1tay Z071bsYwVFSdXjYnbERggB4pQmXf5mqwl60PIu1dBEMPjfAj/61KVVuaWu0HBjEt GJj2lGbG8joUP2+RipkPV+sAPtKyynsx0WsLNCOZfWnVRA/RsEr3nUl6g3REwYE7 lqYaN7f9183D9IXlG7ilEcBeHPAb6LyyE4PDrQum+VsbIFe1DOLHMgr786skWifO LlexwRRbD++MeymQxju4DsGcCTgPlfKaMsY47jr0NJZuLrJQH8Dy4fYBN9toqFwl 9uokDDvgCnaaM+h/doIjtyiJAEwEGBECAAwFAj7/pu8FGwwAAAAACgkQqGZcoaOL esZdrACgyqmhGdr+kUibPDWh8sV8kcb0/QYAn0kFoPbZqHvQ92M2uAwuwVBjn1aN =uaiT -----END PGP PUBLIC KEY BLOCK-----
