Hello,

I was wondering if there is a document you can share pertaining to Alpine Linux security best practices/configuration?

Thank you,

Mike

If you do not wish to receive promotional materials from Ingram Micro via e-mail, please go to Our unsubscribe link<https://pc2.mypreferences.com/IngramMicro/?PGID=IM_EMEU_OPTDOWN&LocaleID=en_US> and select your Country and Language Preference to unsubscribe.

Ingram Micro Inc.
Corporate Headquarters, 3351 Michelson Drive, Suite 100, Irvine, CA 92612

This email may contain material that is confidential, and proprietary to Ingram Micro, for the sole use of the intended recipient. Any review, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please contact the sender and delete all copies.
[Ingram_2818e5de]

On 21/06/03 06:15PM, Minkovich, Michael wrote:
>I was wondering if there is a document you can share pertaining to
>Alpine Linux security best practices/configuration?

These guides generally have problems with scope as one size does not fit
all.

Some of the advice mentioned in general places like the Arch Wiki[1][2]
can also be applied to Alpine Linux or at least get you to think about
what you might need for your threat model.

[1] https://wiki.archlinux.org/title/security
[2] https://wiki.archlinux.org/title/Sysctl

Products like Docker, LXD, KVM, etc generally recommend the use of
Mandatory Access Control[4][5][6] for example.

[3] https://docs.docker.com/engine/security/
[4] https://lxd.readthedocs.io/en/latest/security/
[5] https://www.redhat.com/sysadmin/apparmor-selinux-isolation

And of course Redhat[6] has some useful documents for a top-level view
on the topic.

[6] https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/security_hardening/overview-of-security-hardening-security-hardening

-- 
Daniel Gray (dng) 0x41911F722B0F9AE3
https://social.privacytools.io/@dngray