On 03/02/2011 04:12 PM, Mahesh T. Pai wrote: > So, options for you right now - continue with squeeze and install the > non-free drivers from marillat; (go to debian-multimedia.org site), or > if you feel like it, and willing to break your system, "upgrade" to > unstable + experimental. > The binary-only drivers are available in debian's non-free section and the maintainers do a good job of updating it. Why are you not using that? By the way, if you don't care about 3D, the new version of nouveau is just awesome. > This is a slow and painful process - do not venture unless you have > unlimited bandwidth; and very familiar with Debian. > > > 2. I use Apache2 service for my web development & testing. I have > > read it in the debian user forum that without mandatory access > > controls such as selinux or > > That is valid for all public servers. > > > apparmor we should not run apache2. If not, we are going to end up > > with a vulnerable machine. Is that right? I could not fine > > apparmor in debian repository so tried installing selnux in a > > virtualbox on top o debian as given in URL > > http://wiki.debian.org/SELinux/Setup. I could install it > > successfully, upto default permissive mode, but when I try to set > > enforcing mode to 1, system becomes non-responsive. Next restart > > will end up in blank screen after entering the user id and > > password. Is there any better way of securing my home desktop? Or > > how do I fix this selinux issue? > > While somebody else would answer that, AFAIK, selinux only provides a > framework to the sysadmin for implementing good security. SElinux > byitself is not a security tool. I may be wrong though. > In enforcing mode, SELinux is safeguarding your machine right before init starts. Anything that is not under the defined policy will be denied. -- Ritesh Raj Sarraf RESEARCHUT - http://www.researchut.com "Necessity is the mother of invention."
Attachment:
signature.asc
Description: OpenPGP digital signature