devdocs:hardening_ideas
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision | |||
|
devdocs:hardening_ideas [2018/10/18 22:19] z5t1 [Rescue Environment] |
devdocs:hardening_ideas [2018/10/18 22:21] (current) z5t1 [Rescue Environment] |
||
|---|---|---|---|
| Line 5: | Line 5: | ||
| Create a rescue environment in /opt/rescue. This environment will contain backup versions of essential binaries (similar to BSD's /rescue or /altroot directory). It will reside on a separate read only filesystem. It will use Busybox with static linking so it is not dependent on any other part of the system for proper functionality. | Create a rescue environment in /opt/rescue. This environment will contain backup versions of essential binaries (similar to BSD's /rescue or /altroot directory). It will reside on a separate read only filesystem. It will use Busybox with static linking so it is not dependent on any other part of the system for proper functionality. | ||
| - | The binaries should also be executable only by root. | + | The Busybox binaries will be executable only by root. |
| ====== Userspace Hardening ====== | ====== Userspace Hardening ====== | ||
devdocs/hardening_ideas.1539901181.txt.gz · Last modified: 2018/10/18 22:19 by z5t1
Page Tools
