diff options
| author | rwatson <rwatson@FreeBSD.org> | 2001-08-10 23:57:43 +0000 |
|---|---|---|
| committer | rwatson <rwatson@FreeBSD.org> | 2001-08-10 23:57:43 +0000 |
| commit | 5dc8929a4df9432ed9fce8866220f39176df199d (patch) | |
| tree | 3bc6c70dbda13e78bbdb414531ec82577d9fb1b0 /usr.sbin/sysinstall/help | |
| parent | e1cf3a47437c4deaa5cf65bf38a73b29bcbf00c6 (diff) | |
| download | FreeBSD-src-5dc8929a4df9432ed9fce8866220f39176df199d.zip FreeBSD-src-5dc8929a4df9432ed9fce8866220f39176df199d.tar.gz | |
o Reduce the number of offered security profiles, as we now have a more
conservative default, and actually prompt specifically for inetd rather
than handling it as a side effect of the security profile. Update the
help file to reflect this change.
o Rename "Fascist" to "Extreme" in the source code, to match the names
presented to the user.
o Remove portmap and inetd from profile management. Portmap is now
disabled by default, but automatically turned on if a feature requires
it (such as NFS, etc).
This is an MFC candidate for 4.4-RELEASE.
Reviewed by: freebsd-arch@FreeBSD.org
Approved by: re@FreeBSD.org
MFC after: 2 days
Diffstat (limited to 'usr.sbin/sysinstall/help')
| -rw-r--r-- | usr.sbin/sysinstall/help/security.hlp | 21 |
1 files changed, 8 insertions, 13 deletions
diff --git a/usr.sbin/sysinstall/help/security.hlp b/usr.sbin/sysinstall/help/security.hlp index 1b39f3e..ee172ff 100644 --- a/usr.sbin/sysinstall/help/security.hlp +++ b/usr.sbin/sysinstall/help/security.hlp @@ -3,19 +3,14 @@ profiles. The following table is intended to give you a rough idea just which services are enabled (or disabled) by each of the canned security profiles: - Extreme High Medium Low - ------- ---- -------- --- -inetd NO NO YES YES -sendmail NO YES YES YES -sshd NO YES YES YES -portmap NO NO * YES -nfs_server NO NO ** *** -securelevel YES (2) YES (1) NO NO + Extreme Medium + ------- ------ +nfs_server NO * +sendmail NO YES +sshd NO YES +securelevel YES (2) NO NOTES: -* Portmap is enabled if the machine has been configured as either an NFS - client or an NFS server earlier in the installation process. -** If the machine has been configured as an NFS server, NFS will only run - on a reserved port. -*** No changes are made to the NFS configuration. +* If the machine has been configured as an NFS server, NFS will only run + on a reserved port. |
