this post was submitted on 05 Jul 2023
30 points (100.0% liked)

Loli Memes and Talk

2 readers
1 users here now

For memes and discussion pertaining loli.

Rules (in progress):

  1. No pornography, but if it's NSFW then click the NSFW button.
  2. Posts should be either a meme or text post.

founded 1 year ago
MODERATORS
 
top 11 comments
sorted by: hot top controversial new old
[–] [email protected] 11 points 1 year ago (1 children)
[–] [email protected] 5 points 1 year ago* (last edited 1 year ago) (2 children)

Funny story. Before hosting this site, I used to run my server infra on nothing but Gentoo VMs. It was very neat but ultimately I ended up switching away from it because keeping each VM up to date proved to be a pain even with a designated "compile server VM" which would distribute the compiled binaries to the VMs that were configured for it.

If you want the top most security in Linux land, Gentoo is what you want. With everything compiled for your CPU's microarchitecture, the memory addresses for which to trigger exploits such as stack smashing will be different so a skiddie cannot run their exploit kit on you.

[–] [email protected] 4 points 1 year ago* (last edited 1 year ago)

Now if you had your choice on a Unix or Unix-like system, I'd go with this if you want something absolutely impenetrable:

[–] [email protected] 1 points 1 year ago (1 children)

would it be possible to do the same with another distro, with proper configutation?

[–] [email protected] 3 points 1 year ago

From my uneducated opinion, yes and no. Kernel ASLR (Address Space Layout Randomization) is a thing, same with PiE (Position independent Executables) the former can be turned on but the latter, you have to compile your software with those flags. PiE offers stack smashing protection. Some distros do not ship this but the list is growing shorter by the day.

Gentoo allows you to use USE flags which instruct Portage (Gentoo's package manager) to fetch the libraries required to compile the feature you specified. In short, USE flags basically tell the package what features you want. You can compile your software to be as nimble as possible. Less code means less attack surface that attackers can exploit. On Gentoo even the toolchain you use to compile software is compiled in of itself when you run emerge world.

[–] [email protected] 6 points 1 year ago (1 children)

Poor Komari is getting Linux forced onto her when all she wants is her computer fixed ಥ⁠╭⁠╮⁠ಥ

[–] [email protected] 6 points 1 year ago (1 children)

I don't care how cute Komari is I'm not supporting Windows. The girl is going to run Debian and she is going to like it.

[–] [email protected] 2 points 1 year ago

Reminded me of this:

[–] [email protected] 5 points 1 year ago (1 children)

I don't even want to do this when my wife asks me, and she uses linux. This girl would either install linux, or be looking a blue screen for a very long time.

[–] [email protected] 4 points 1 year ago

Yeah, she's going to be running Gentoo. And I don't want to hear any gripes.

[–] [email protected] 4 points 1 year ago
load more comments
view more: next ›