diff options
author | obrien <obrien@FreeBSD.org> | 2011-10-07 05:47:30 +0000 |
---|---|---|
committer | obrien <obrien@FreeBSD.org> | 2011-10-07 05:47:30 +0000 |
commit | 4b04845b065c4c770d9a16578621fff709833557 (patch) | |
tree | ca76c3bfb443f00f6c5e19395d6b993a33901b56 /share | |
parent | 10aa664dd0a391ca75ec8328b24db17639594bf8 (diff) | |
download | FreeBSD-src-4b04845b065c4c770d9a16578621fff709833557.zip FreeBSD-src-4b04845b065c4c770d9a16578621fff709833557.tar.gz |
Disallow various debug.kdb sysctl's when securelevel is raised.
PR: 161350
Diffstat (limited to 'share')
-rw-r--r-- | share/man/man7/security.7 | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/share/man/man7/security.7 b/share/man/man7/security.7 index ed24435a..197fe3e 100644 --- a/share/man/man7/security.7 +++ b/share/man/man7/security.7 @@ -544,6 +544,12 @@ may not be opened for writing; kernel modules (see .Xr kld 4 ) may not be loaded or unloaded. +The kernel debugger may not be entered using the +.Va debug.kdb.enter +sysctl. +A panic or trap cannot be forced using the +.Va debug.kdb.panic +and other sysctl's. .It Ic 2 Highly secure mode \- same as secure mode, plus disks may not be opened for writing (except by |