Re: [PLUG] Another local LINUX meeting

Cosmin Nicolaescu on 5 Jul 2005 15:27:33 -0000

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Another local LINUX meeting - Monday June 13th 7PM

From: Cosmin Nicolaescu <cos@camelot.homelinux.com>

To: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>

Subject: Re: [PLUG] Another local LINUX meeting - Monday June 13th 7PM

Date: Tue, 05 Jul 2005 11:28:18 -0400 (EDT)

Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>

Sender: plug-bounces@lists.phillylinux.org

User-agent: SquirrelMail/1.4.4

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, July 5, 2005 2:41 pm, Carl Husa said: > Has any one any experience running VMWare Workstation 5.0 on SUSE 9.3 as a > host OS, and running RH Enterprise Linux 3.0 as a guest OS? > > Additionally, any opinions - as though this list is shy! - on grsecurity > compared with SELinux? > > Thanks! > > Carl Husa > ___________________________________________________________________________ > Philadelphia Linux Users Group -- > http://www.phillylinux.org > Announcements - > http://lists.phillylinux.org/mailman/listinfo/plug-announce > General Discussion -- > http://lists.phillylinux.org/mailman/listinfo/plug > > I have been runnning VMWare WS 5 in the CS lab here on Mandrake and Gentoo. I have worked with grsec/pax for a while now. I really like it, although I have run into problems when using it on my desktop machine. I think SELinux is a _very_ heavy tool...unless you're running a multi-user OS with critical things running, it's like bringing a sledgehammer to kill a fly. Grsec/pax takes care of kernel restrictions only. You can prevent most kernel exploits by applying grsec, as well as restrict regular users from seeing other processes, etc. SELinux (which I have only looked into using and gave up after realizing I don't really need it) is a very complicated tool that restricts much more then the kenrel - from what I've been reading you can do really funky stuff, like only allow root to log in on the 5th console, between 5-5:05 am on the 12th of a month, where the day is Wed :) Well you get the idea - - very restrictive, very complicated. - -Cos - -- GPG key fingerprint = DE9F 4664 E666 2BD1 903E 4F4D EA31 5FB1 C7F9 08C1 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFCyqcS6jFfscf5CMERAvfHAKDAHK5z9W3PlsZ/Eqhp4Pe3IEZV9wCcDhqI 164K1YG0DC71CRswIf4yj2Q= =JPgR -----END PGP SIGNATURE----- ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug

References:

Re: [PLUG] Another local LINUX meeting - Monday June 13th 7PM
From: Carl Husa <jabberwocky@luxsci.net>

Prev by Date: Re: [PLUG] Delivery reports about your e-mail

Next by Date: Re: [PLUG] Delivery reports about your e-mail

Previous by thread: [PLUG] Apologies

Next by thread: [PLUG] OT: Wanted to trade

Index(es):

Date

Thread