[SOLVED] Is there a Hardened version of Slackware?
SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Do you think Slackware need those features?
It's already secured by default installation since it doesn't enable too many daemon services at installation phase and it has included well-tested applications to the default stock packages
The rest is up to the admin to configure the whole system
A lot of the Slackware specific hardening information is older and scattered. Various GURU's no doubt have yet to impart their hard earned wisdom. It also depends what security you want or need: general server, web, ssh etc. Might not be a bad idea to include a hardening chapter in the "new" slackbook (Don't look at me; I'm not worthy!). Here is some stuff I looked at ages ago:
Interesting stuff. Though most of it is for things like 13.0 and older versions of the OS, I am wondering if some of it could be updated to run with the newer releases like 13.37 and 14.0 (when released).
The only thing I haven't really seen around the net for Slackware is how to rebuild the kernel to SELinux specifications. I'll see what I can get from the HLFS (Hardened Linux from Scratch) project and see if any of it could translate into Slackware.
Wikipedia claims that a Slackware specific port of SELinux and packages was available at one time but development had stagnated.
I recommend using Grsecurity.
I have it running without any problems on a 13.0 server, but I don't see any limitations running it on newer Slackware versions.
+1. I compiled grsec into a Slamd64 11.0 machine that I built as a fairly busy multiport firewall/router a number of years ago. Very happy with the results. Fast, secure, rock solid.
All software contains bugs and Slackware is NOT deliberately hardened by default. It just turn on everything out-of-the-box. That is not the same as hardening an operating system. Slackware can be hardened, any Linux distribution can, however security is a process not a one-off configuration and maintaining that stance requires a knowledgeable and vigilant admin. That doesn't apply to most users or any operating system.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.