On 06/08/2012 09:06 AM, Alex Efros wrote:
Hi!
On Fri, Jun 08, 2012 at 07:15:40AM -0400, Aaron W. Swenson wrote:
I started a discussion on gentoo-user about the fact that the
hardened profile appears to only be for servers and not desktops.
I thought I'd check with you guys on this. Is that the case?
Actually, I see no reasons to NOT use hardened on desktops.
True
Only critical bug is broken VMware/VirtualBox on amd64+hardened.
This one is a moving target. Sometimes broken, times fixed. kvm is
working very well of late.
Everything else is works fine on hardened AFAIK. Even unsupported
nvidia-drivers works fine (they needed for 3D acceleration in VMware).
Sometimes you need to get extra patches from bugzilla or run paxctl,
but this isn't too much headache to avoid it at cost of significantly
lower overall security.
nouveau works great on hardened desktops
radeon compiled with llvm needs some fancy pax markings, but also works
--
Anthony G. Basile, Ph. D.
Chair of Information Technology
D'Youville College
Buffalo, NY 14201
(716) 829-8197
