View Single Post
Old 11-25-09, 08:28 AM   #6
cdrw
Registered User
 
Join Date: Mar 2006
Posts: 59
Default Re: Security questions...

shrug,
second point fixes this for you:
you will be able to run only in command line mode (NOEXEC breaks Xorg, also disabling priviledged I/O breaks xorg)

If this is a server, you don't need Xorg/nvidia
If this is desktop you don't really need these hardening options

your requirement regarding "no modules" option is silly, grsec/pax protects against loading/unloading modules after boot. If your system was infected before you installed hardened kernel, then it is too late anyway.
cdrw is offline   Reply With Quote