1a5f1bdc1d
Created the security page and added details on how to install apparmor in the gentoo-desktop-setup section.
868 B
868 B
Security is an important factor when it comes to an operating system. Hardening the system is done to prevent as many exploits as possible. There are multiple factors which should be considered.
Apparmor and LSM
Apparmor is a Mandatory Access Control (MAC) system that restricts capabilities from a program on a computer. It can dissallow access to files which the program would not require. Make sure the apparmor USE flag is enabled and install the necessary programs:
sh# emerge -av apparmor apparmor-utils
sh# rc-update add apparmor boot
Then add apparmor and other Linux Security Modules (LSM) to the cmdline and rebuild the initramfs:
... apparmor=1 lsm=landlock,lockdown,yama,capability,integrity,apparmor
sh# emerge --config gentoo-kernel # or gentoo-kernel-bin etc.