>> >> What else would you recommend for me? >> > >> > I'd suggest to completely ignore the grsec (low/med/high) options and >> > use the Hardened Gentoo level in the hardened-sources all the time. >> > >> > Xorg should not cause problems unless you are stuck using 3rd party >> > binary drivers. Most of us are using a hardened X setup. >> >> Excellent, thank you. You think the "Hardened Gentoo (workstation)" >> and "Hardened Gentoo (server)" grsecurity setups are adequate >> low-maintenance solutions? > > > Re: "low maintenance" > I'm not sure we can dumb down the hardening efforts anymore than we > already have. It's all pretty transparent and seems mostly like a normal > install of anything else. The ELF's are just smarter.
Low maintenance definitely. Is the security OK? >> What does a hardened profile do for my server? > > Enables things to match the kernel options/blocks things that conflict. Is the grsecurity "Hardened Gentoo (workstation)" setting useful without the hardened profile? - Grant
