diff options
| author | rwatson <rwatson@FreeBSD.org> | 2003-11-28 18:47:45 +0000 |
|---|---|---|
| committer | rwatson <rwatson@FreeBSD.org> | 2003-11-28 18:47:45 +0000 |
| commit | e983c8d12df02353a044c03cba700a236381ae1f (patch) | |
| tree | 7438a7ba82574b8c95f31336320c09863c426e53 /usr.sbin/sade/menus.c | |
| parent | 769360c4407229ea650d8944b6bdd883adcdf365 (diff) | |
| download | FreeBSD-src-e983c8d12df02353a044c03cba700a236381ae1f.zip FreeBSD-src-e983c8d12df02353a044c03cba700a236381ae1f.tar.gz | |
Remove security profiles from sysinstall. Currently, security profile
selection is used to drive two configuration parameters:
(1) Default enable/disable for sshd
(2) Default enable/disable for securelevels
Replace this with an explicit choice to enable/disable sshd. A
follow-up commit will add a configuration option to the Security
post-install configuration menu to set the securelevel in rc.conf
explicitly. This should reduce the level of foot-shooting associated
with accidental enabling of securelevels, make the nature and
implications of the securelevel configuration options more explicit,
as well as make the choice to enable/disable sshd more explicit.
Approved by: re (scottl)
Diffstat (limited to 'usr.sbin/sade/menus.c')
| -rw-r--r-- | usr.sbin/sade/menus.c | 18 |
1 files changed, 1 insertions, 17 deletions
diff --git a/usr.sbin/sade/menus.c b/usr.sbin/sade/menus.c index 1bb348d..ef4608c 100644 --- a/usr.sbin/sade/menus.c +++ b/usr.sbin/sade/menus.c @@ -1469,7 +1469,7 @@ DMenu MenuNetworking = { dmenuVarCheck, configRouter, NULL, "router_enable=YES" }, { " Rwhod", "This machine wants to run the rwho daemon", dmenuVarCheck, dmenuToggleVariable, NULL, "rwhod_enable=YES" }, - { " Sshd", "This machine wants to run the ssh daemon", + { " SSHd", "This machine wants to run the SSH daemon", dmenuVarCheck, dmenuToggleVariable, NULL, "sshd_enable=YES" }, { " TCP Extensions", "Allow RFC1323 and RFC1644 TCP extensions?", dmenuVarCheck, dmenuToggleVariable, NULL, "tcp_extensions=YES" }, @@ -2229,8 +2229,6 @@ DMenu MenuSecurity = { NULL, { { "X Exit", "Exit this menu (returning to previous)", checkTrue, dmenuExit, NULL, NULL, '<', '<', '<' }, - { " Security Profile", "Select a security profile for the system", - NULL, configSecurityProfile }, #if 0 { " LOMAC", "Use Low Watermark Mandatory Access Control at boot", dmenuVarCheck, dmenuToggleVariable, NULL, "lomac_enable=YES" }, @@ -2240,20 +2238,6 @@ DMenu MenuSecurity = { { NULL } }, }; -DMenu MenuSecurityProfile = { - DMENU_NORMAL_TYPE | DMENU_SELECTION_RETURNS, - "Default system security profile", - "Each item in this list will set what it considers to\n" - "be \"appropriate\" values in that category for various\n" - "security-related knobs in /etc/rc.conf.", - "Select a canned security profile - F1 for help", - "security", /* help file */ - { { "X Exit", "Exit this menu (returning to previous)", NULL, dmenuExit }, - { "Moderate", "Moderate security settings.", NULL, configSecurityModerate }, - { "Extreme", "Very restrictive security settings.", NULL, configSecurityExtreme }, - { NULL } }, -}; - DMenu MenuFixit = { DMENU_NORMAL_TYPE, "Please choose a fixit option", |
