πβ²πͺπ»π½π«π΅β²β²πBSD folks: if you _have_ to use Linux on your workstation, what disto would you pick?
πΈπππ©@h3artbl33d I am not a BSD user, but I would say Gentoo. It's what I use but also probably the closest choice.
@lx
Can you elaborate on that? What makes Gentoo your pick instead of distroX?
Can you elaborate on that? What makes Gentoo your pick instead of distroX?
@h3artbl33d First of all I hate the mentality behind systemd (which is probably also against everything that Unix stands for, i.e. small programs that can be combined instead of one big one). Second, I get to chose what features I want of any given software I install from the repos. The USE-flags let me pick compile-options and I can have a global filter (e.g. for systemd). Finally, since I compile it all myself, it's optimized for my system/CPU and therefore faster and safer (no known binary).
@lx
All truly very valid points! I have been eyeballing Alpine - but dropping and not replacing grsecurity is a downside IMHO.
Arch does have 'Linux-hardened' available as a package - but is not an option due to my unhealthy hatred for the hellish invention that is systemd.
@h3artbl33d Well there is a hardened setup available for Gentoo too. But I have to say that the "default" installation is already pretty hardened. I use quotes because there isn't really a default, since you decide almost everything yourself when you install it, however the default USE-flags etc. are set to safe defaults (like SSP, PIE). Usually most packets have a good documentation about what each flags does and what implication it might have.
@lx
Linux-hardened is a patchset for the Linux kernel, somewhat comparable to grsecurity, by the developer of the now defunct CopperheadOS ROM, Daniel Micay (strncat/thestinger).
It is merely another level of protection. Combined with -USE, more hardening, etc, it can form a better foundation of security.