Re: Question about securelevel

From: Ismail YENIGUL (ismail_at_EnderUNIX.ORG)
Date: 02/12/04

  • Next message: roberto_at_redix.it: "Re: Question about securelevel" 
    Date: Thu, 12 Feb 2004 11:54:05 +0200
To: roberto@redix.it

    Hi
    Did you look at securelevel manual
    # man securelevel
    regards
    On Wed, Feb 11, 2004 at 10:29:46AM +0100, roberto@redix.it wrote:
    >
    > I've read about securelevel in the mailing list archive, and found some
    > pitfalls (and seems to me to be discarded soon).
    >
    > But According to me, the following configuration should offer a good
    > security:
    >
    > - mount root fs read only at boot;
    > - set securelevel to 3;
    > - do not permit to unmount/remount roots fs read-write (now it is possible
    > by means of "mount -uw /");
    > - the only way to make change at the file system is to reboot in single
    > user, before the securelevel is set to 3, and make the changes needed
    > (this means the administrator should use only the console);
    >
    > Any comments about?
    >
    > Bye,
    > Roberto
    >
    >
    >
    > _______________________________________________
    > freebsd-security@freebsd.org mailing list
    > http://lists.freebsd.org/mailman/listinfo/freebsd-security
    > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" 

    -- 
Ismail YENIGUL
http://www.acikkod.com - Acikkod Yayinlari
http://www.EnderUNIX.org
GnuPG Key: http://yenigul.net/ismail.gpg
It takes longer to lose 'x' number of pounds than
to gain 'x' number of pounds.
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
  • Next message: roberto_at_redix.it: "Re: Question about securelevel"