This is an automated archive made by the Lemmit Bot.
The original was posted on /r/nixos by /u/10010000_426164426f7 on 2024-09-24 07:57:03+00:00.
I want to commit more time to NixOS, but the hardening and security story doesn’t seem to be well documented.
Main use case:
- Dev tooling
- Infra tooling
- VM workloads that need to be hardened
- Container service hosting (possibly with compliance requirements)
Does NixOS handle AppArmor/SELinux well? There is a thread mentioned the lack of AppArmor profiles, but I can’t see much else. From what I am able to figure out, it isn’t super clear that profile and hardening controls are in place right now.
Has anyone tried seeing if NixOS can (in a reasonable way) meet CIS general Linux benchmarks?
Also: does anyone have experience running EDR agents on NixOS? Any issue with any of the big ones?
You must log in or register to comment.