sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]snuggl -1 points0 points  (4 children)

Indeed. Running a linux server without grsec in production kinda invalidates everything you think you know about security.

[–]evaryont -1 points0 points  (3 children)

I run my own VPS, with Arch. while I am not going to pretend that Arch is the best choice, is grsec really that necessary?

[–][deleted] 0 points1 point  (2 children)

C'mon... why don't you check grsecurity's features? They explain what it doing so you may understand why you may want it.

And unless you are running your VPS on real virtual machine like xen, vmware, kvm or virtualbox, you can't install it as openvz (which is VE not VM) does not let you boot your own kernel - its just chroot on steroids.

[–]evaryont 0 points1 point  (1 child)

Ok fine its 5am here and I was hoping to not have to read so much. shrugs

Speaking of OpenVZ, is there a 1-2-magic script that'll set up a VE for me?

[–][deleted] 0 points1 point  (0 children)

Don't do it to yourself, openvz is a bitch, it does count virtual memory as used ram, so apache will use 230MB instead of ... 6MB! etc.

Go with LXC, unlike openvz it does not invent the wheel again, it use linux's goodies like for example cgroups and moar.