this post was submitted on 05 Nov 2023
20 points (100.0% liked)
cybersecurity
3262 readers
12 users here now
An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!
Community Rules
- Be kind
- Limit promotional activities
- Non-cybersecurity posts should be redirected to other communities within infosec.pub.
Enjoy!
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Here’s how this concept made it onto my radar. This is an obsessively paranoid NixOS config and accompanying article:
https://xeiaso.net/blog/paranoid-nixos-2021-07-18/
Also, for further reference:
There’s a whole subsection of nixpkgs that could be helpful for a hardening guide:
https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/profiles/hardened.nix
Also, there are a few articles walking us through hardening Nix:
https://dataswamp.org/~solene/2022-01-13-nixos-hardened.html
On NixOS Discourse:
https://discourse.nixos.org/t/hardening-systemd-services/17147/6