|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Question about securelevel
From: Ismail YENIGUL (ismail
EnderUNIX.ORG)
Date: Thu Feb 12 2004 - 03:54:05 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi
Did you look at securelevel manual
# man securelevel
regards
On Wed, Feb 11, 2004 at 10:29:46AM +0100, robertoredix.it wrote:
>
> I've read about securelevel in the mailing list archive, and found some
> pitfalls (and seems to me to be discarded soon).
>
> But According to me, the following configuration should offer a good
> security:
>
> - mount root fs read only at boot;
> - set securelevel to 3;
> - do not permit to unmount/remount roots fs read-write (now it is possible
> by means of "mount -uw /");
> - the only way to make change at the file system is to reboot in single
> user, before the securelevel is set to 3, and make the changes needed
> (this means the administrator should use only the console);
>
> Any comments about?
>
> Bye,
> Roberto
>
>
>
> _______________________________________________
> freebsd-securityfreebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribefreebsd.org"
--
Ismail YENIGUL
http://www.acikkod.com - Acikkod Yayinlari
http://www.EnderUNIX.org
GnuPG Key: http://yenigul.net/ismail.gpg
It takes longer to lose 'x' number of pounds than
to gain 'x' number of pounds.
_______________________________________________
freebsd-securityfreebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribefreebsd.org"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]