So I think I ll go for the RSBAC security, but I have a question....is it better to first install and configure all the services on the server and then add the rsbac or install a basic system and do the instal of RSBAC, and then the other services?
----- Message d'origine ---- De : Francesco Riosa <[EMAIL PROTECTED]> À : [email protected] Envoyé le : Mercredi, 15 Novembre 2006, 17h53mn 19s Objet : Re: [gentoo-hardened] Which hardened (SUB)project Steev Klimaszewski wrote: > Francesco Riosa wrote: >> Brian Davis wrote: >>> >>> Francesco Riosa wrote: >>>> Brian Davis wrote: >>>> >>>>> The only comment I'll make is that Reiserfs doesn't support SELinux. >>>>> >>>> That it's "non issue" for a new server, reiser3 is getting obsolete, >>>> it's advantages are not enough to try the risk, >>> Why do you say that? >> - upstream has serious real life troubles >> - SuSE is not anymore so interested in reiser3 >> - a continuously changing linux kernel may lock a reiser user to an old >> version (pain for a security oriented system) >> - ext3 evolving and becoming ext4 in a reasonable mount of time >> - major advantages only with _many_ files in one single directory >> >> don't get me wrong I liked and still like reiserfs but it's time is gone >> > > I've been lurking on this list for a while, running a couple of > hardened servers, and the Gentoo guidelines for servers suggest reiser > as the fs. I guess my couple of questions are, > > 1) What does what SUSE's interest in reiser have to do with anything? > (Serious question here, not an attempt at a troll, I really am curious > as I don't follow along very closely) And it's a good question, reiserfs is opensource and so the interest of only a subject (SuSE) is moot, but my feelings are the the community is not any more interested in support reiser3 very much (obviously speaking of feelings this opinion is moot too ). Peter Volkov has already pointed out why and when SuSE decided to choose other roads (may worth read it). > > 2) Is there anything other than backing up a partition, and mkfs'ing > to a different format? I.E. some type of conversion utility for > reiserfs->other format? No, but backup and restore is not something that someone want to schedule expecially with a great amount of data , it may take hours (days) and the fact that you must consider it choosing reiserfs3 now is still a detractive point. People, this look like no more an "gentoo-hardened" issue, wont to end the discussion (if needed) via private mail? if you chose that, please write to "francesco"at"pnpitalia".it it's more likely to get an answer. sorry for the spam -- [email protected] mailing list ___________________________________________________________________________ Découvrez une nouvelle façon d'obtenir des réponses à toutes vos questions ! Profitez des connaissances, des opinions et des expériences des internautes sur Yahoo! Questions/Réponses http://fr.answers.yahoo.com
