Forum OpenACS Q&A: A little security HOWTO for RH 6.2 and 7.0...

I just found a little security HOWTO on the net. It is well done and covers the basics steps quite clearly.

Here it is!
Posted by Sam Snow on
There are also some good resources at, including a handy quick reference card.
Posted by David Kuczek on
Thanks Sam,

Here is the link to the Quick Security Card...

It was not that easy to find.
Here are a few more links on security issues

I was able to recompile the kernel, but I do have a few questions about some warnings I got as well as some crashes I have experienced since, if anyone has any ideas.

This is the CFLAGS I finally used:CFLAGS = -Wall -Wstrict-prototypes -03 -funroll-loops -ffast-math -mcpu=pentiumpro -march=pentiumpro -fomit-frame-pointer -fno-exceptions

  1. I learned after much trial & error that the CFLAG '-malign-double' would not run on my PIII. It compiles, but on boot up, machine crashes with pointer error. The error is something like this: SCSI::resize_dma_pool Warning dma_sectors=0,wanted 96, scaling Warning, not enough memory, pool not expanded, unable to handle kernel NULL POINTER
  2. I am now suspicious that the Netscape freezes I am occasionally experiencing are due to the new kernel
  3. While compiling I notice a few warnings such as "using '%eax instead of '%ax' due to 'l' suffix "
  4. What happens if you don't put the new CFLAGS options in your /etc/profile?
  5. What CFLAG options should one use to insure the greatest stability? I have not been able to find a description of what each setting does.
What about using the new GCC 3.0 or PGCC? Would they be better?