On 9/9/18, Gus qty@airmail.cc wrote:
Linux-hardened doesn't support hibernation and i think it's overkill to use it on desktop.
Not arguing in anyway for or against AppArmor, just another data point regarding linux-hardened 4.17 and 4.18:
I tried linux-hardened on two Intel machines, and it was less stable than "linux". Some of the changes are probably invasive/destabilising, which makes sense seeing how slowly and carefully the mitigations are traveling via Kees Cook into Linus' tree. I didn't have stability issues with the old linux-grsec packages, though to be fair those were also way older major releases which may matter.