I think that it would be good to consider installing the hardening-runtime Debian package (new in Bullseye). The Debian readme provides more background and context.
I had been plannign to include it by default in v17.0, however following (mostly offline) discussion and contemplation of turnkeylinux/common#206, I am now thinking that this would be better with further consideration.
I may also write a blog post about it and suggest that users give it a go and report back.
I think that it would be good to consider installing the
hardening-runtimeDebian package (new in Bullseye). The Debian readme provides more background and context.I had been plannign to include it by default in v17.0, however following (mostly offline) discussion and contemplation of turnkeylinux/common#206, I am now thinking that this would be better with further consideration.
I may also write a blog post about it and suggest that users give it a go and report back.