| ▲ | mcpherrinm 7 days ago | |
Do you have any references for doing similar system hardening under either of those? | ||
| ▲ | 0xfedcafe 7 days ago | parent [-] | |
Yeah. With OpenRC or runit, the idea is you just layer the security on yourself since the base is so minimal. Honestly, the best place to start for any system is Madaidan’s Linux Hardening Guide. It’s super thorough and works for pretty much anything. From there, you can add other tools. The Gentoo Hardened setup with SELinux is an option, but it’s a ton of work. AppArmor is way easier for just locking down specific services and apps, it’s what Alpine uses and it’s pretty effective. And for sandboxing random apps, Firejail is perfect. You can just wrap it around your browser or anything else you don’t fully trust to keep it contained. Gives you a lot of control. https://madaidans-insecurities.github.io/guides/linux-harden... https://discuss.privacyguides.net/t/add-gentoo-linux-void-li... https://github.com/gentoo/hardened-refpolicy https://krython.com/post/hardening-alpine-linux-system-secur... | ||