Hello list, Now that grsecurity is off-limits, I'm left wondering how to go about hardening a no-multilib box that will be exposed to the Big Bad World.
To start with, it's not obvious which profile to use: $ eselect profile list | grep no-multi | grep hardened [23] default/linux/amd64/17.0/no-multilib/hardened [24] default/linux/amd64/17.0/no-multilib/hardened/selinux [29] hardened/linux/amd64/no-multilib [30] hardened/linux/amd64/no-multilib/selinux The wiki is also now out of date; it still talks about grsecurity, and there are too many overlapping guides. Until that's sorted out, would the panel like to offer some guidance? -- Regards, Peter.
