On Apr 4, 2012 5:17 PM, "Nicholas MIller" <nick.kyky@gmail.com> wrote:
On Wed, Apr 4, 2012 at 7:36 AM, Kevin Chadwick <ma1l1ists@yahoo.co.uk>
wrote:
On Tue, 3 Apr 2012 18:10:12 -0400 Kaiting Chen wrote:
Yeah run each service as an unprivileged user and you should be fine.
If
security is very critical than run something like SELinux or a similar RBAC system.
If you don't mind compiling a kernel, grsecurity and it's accompanying rbac or using rsbac instead are even better than SELinux.
rsbac will cost you the most time. Grsecurity's rbac has a learning mode but won't let you selectively apply as the author sees that as a false sense of security.
OpenBSD is my favourite option for servers but not for nfsv4. Do you need file locking or can you use something like sftp (ssh file transfer)?
why don't you like OpenBSD for nfs? and I am fairly sure nfs is better suited for most of my needs right now since the system has much more storage than my laptop which helps as an always mountable extra space
and I forgot to mention thanks for all the input everyone ...