Language Selection

English French German Italian Portuguese Spanish

Building Systems Secure From The Start

Filed under
Software

Default operating system installs on a server are almost always wrong. Unfortunate, but true. In an attempt to build a generic system that appeals to as many situations as possible, the default install is often overloaded with software that is not necessary, and a filesystem layout that would allow one rogue daemon to fill up the entire drive. This is wrong, but easily remedied. A little extra care during the installation and initial setup of the server will result in a system that is smaller, cleaner, easier to maintain, and more secure than what ships on a default install.

FIlesystem Layout

I’ve mentioned before how to setup a filesystem to allow for maximum control and flexibility, so I won’t dive into the details here. Suffice to say that the basic idea is to put as much as possible into a volume manager like LVM, and then give each partition only as much as it needs.

rest here




More in Tux Machines

10 Best Linux Business Apps

There’s no question that the Linux desktop can be a highly effective workhorse. Note, as proof of this, the greater coverage in the media of the best business apps for Linux. Keep reading for the best Linux business apps – and please add your own favorite in the Comments section below. Read more

Android Leftovers

FreeBSD-Based TrueOS 17.12 Released

The FreeBSD-based operating system TrueOS that's formerly known as PC-BSD has put out their last stable update of 2017. TrueOS 17.12 is now available as the latest six-month stable update for this desktop-focused FreeBSD distribution that also offers a server flavor. TrueOS continues using OpenRC as its init system and this cycle they have continued improving their Qt5-based Lumina desktop environment, the Bhyve hypervisor is now supported in the TrueOS server install, improved removable device support, and more. Read more

An introduction to Joplin, an open source Evernote alternative

Joplin is an open source cross-platform note-taking and to-do application. It can handle a large number of notes, organized into notebooks, and can synchronize them across multiple devices. The notes can be edited in Markdown, either from within the app or with your own text editor, and each application has an option to render Markdown with formatting, images, URLs, and more. Any number of files, such as images and PDFs, can be attached to a note, and notes can also be tagged. I started developing Joplin when Evernote changed its pricing model and because I wanted my 4,000+ notes to be stored in a more open format, free of any proprietary solution. To that end, I have developed three Joplin applications, all under the MIT License: for desktop (Windows, MacOS, and Linux), for mobile (Android and iOS), and for the terminal (Windows, MacOS, and Linux). All the applications have similar user interfaces and can synchronize with each other. They are based on open standards and technologies including SQLite and JavaScript for the backend, and Terminal Kit (Node.js), Electron, and React Native for the three front ends. Read more