Difference between revisions of "Talk:Security"

From ArchWiki
Jump to navigation Jump to search
(chmod user's home folder)
Line 22: Line 22:
*[[DeveloperWiki:Package signing|Package signing]]
*[[DeveloperWiki:Package signing|Package signing]]
*<s>stack protector gcc flag</s> (See: [https://bugs.archlinux.org/task/18864 FS#18864])
*<s>stack protector gcc flag</s> (See: [https://bugs.archlinux.org/task/18864 FS#18864])
== chmod user's home folder ==
find ~ -type d -print0 | xargs -0 chmod 700
find ~ -type f -print0 | xargs -0 chmod 600
:Why? The top level directory (~) is already 700. Do you have an example of when this would add protection? [[User:Thestinger|thestinger]] 18:09, 11 January 2011 (EST)

Revision as of 11:32, 3 January 2013

Just a thing to take into consideration - it's a great idea to have one central page for security, but we should try to add most of the information to the articles about the specific software and then link to there from here. An example would be putting the grub2 password protection stuff on the grub2 page, and linking to there. There are also already a lot of security-related articles, and we should link to them here too, along with some info/rationale. thestinger 23:07, 23 November 2010 (EST)


  • Update "Lockout user after three failed login attempts", file mentioned no longer contains those lines ?
  • descriptions/rationale for all the links to other articles (MAC)
  • base64 /dev/urandom | dd bs=1 count=10 2>/dev/null
  • SSH/fail2ban
  • use (enhanced?) ACL on partitions
  • quotas
  • limits/cgroups
  • TMOUT for root shell
  • sudo timeout
  • Securely Wipe HDD
  • Using File Capabilities Instead Of Setuid
  • VNC, proxies, ssl, etc
  • rvim/rgvim
  • browser security (requestpolicy, noscript, sand-boxing browser)
  • PAX/grsecurity
  • merge Hardening Guides into this article
  • kernel options (which could be added as FRs on the bug tracker)
  • Package signing
  • stack protector gcc flag (See: FS#18864)