From ArchWiki
Revision as of 20:48, 20 May 2012 by Thim0aer (talk | contribs) (Todo: Removed "drive encryption", it is already present in the article.)
Jump to: navigation, search

Just a thing to take into consideration - it's a great idea to have one central page for security, but we should try to add most of the information to the articles about the specific software and then link to there from here. An example would be putting the grub2 password protection stuff on the grub2 page, and linking to there. There are also already a lot of security-related articles, and we should link to them here too, along with some info/rationale. thestinger 23:07, 23 November 2010 (EST)


  • descriptions/rationale for all the links to other articles (MAC)
  • base64 /dev/urandom | dd bs=1 count=10 2>/dev/null
  • SSH/fail2ban
  • use (enhanced?) ACL on partitions
  • quotas
  • limits/cgroups
  • TMOUT for root shell
  • sudo timeout
  • Securely Wipe HDD
  • Using File Capabilities Instead Of Setuid
  • VNC, proxies, ssl, etc
  • rvim/rgvim
  • browser security (requestpolicy, noscript, sand-boxing browser)
  • PAX/grsecurity
  • merge Hardening Guides into this article
  • kernel options (which could be added as FRs on the bug tracker)
  • stack protector gcc flag

chmod user's home folder

find ~ -type d -print0 | xargs -0 chmod 700
find ~ -type f -print0 | xargs -0 chmod 600
Why? The top level directory (~) is already 700. Do you have an example of when this would add protection? thestinger 18:09, 11 January 2011 (EST)