diff options
Diffstat (limited to 'usr.sbin/sade/menus.c')
-rw-r--r-- | usr.sbin/sade/menus.c | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/usr.sbin/sade/menus.c b/usr.sbin/sade/menus.c index ef4608c..46b7270 100644 --- a/usr.sbin/sade/menus.c +++ b/usr.sbin/sade/menus.c @@ -2229,6 +2229,8 @@ DMenu MenuSecurity = { NULL, { { "X Exit", "Exit this menu (returning to previous)", checkTrue, dmenuExit, NULL, NULL, '<', '<', '<' }, + { " Securelevel", "Configure securelevels for the system", + NULL, configSecurelevel }, #if 0 { " LOMAC", "Use Low Watermark Mandatory Access Control at boot", dmenuVarCheck, dmenuToggleVariable, NULL, "lomac_enable=YES" }, @@ -2238,6 +2240,28 @@ DMenu MenuSecurity = { { NULL } }, }; +DMenu MenuSecurelevel = { + DMENU_NORMAL_TYPE | DMENU_SELECTION_RETURNS, + "Securelevel Configuration Menu", + "This menu allows you to select the securelevel your system runs with.\n" + "When operating at a securelevel, certain root privileges are disabled,\n" + "which may increase resistance to exploits and protect system integrity.\n" + "In secure mode system flags may not be overriden by the root user,\n" + "access to direct kernel memory is limited, and kernel modules may not\n" + "be changed. In highly secure mode, mounted file systems may not be\n" + "modified on-disk, tampering with the system clock is prohibited. In\n" + "network secure mode configuration changes to firwalling are prohibited.\n", + "Select a securelevel to operate at - F1 for help", + "securelevel", + { { "X Exit", "Exit this menu (returning to previous)", + checkTrue, dmenuExit, NULL, NULL, '<', '<', '<' }, + { "Disabled", "Disable securelevels", NULL, configSecurelevelDisabled, }, + { "Secure", "Secure mode", NULL, configSecurelevelSecure }, + { "Highly Secure", "Highly secure mode", NULL, configSecurelevelHighlySecure }, + { "Network Secure", "Network secure mode", NULL, configSecurelevelNetworkSecure }, + { NULL } } +}; + DMenu MenuFixit = { DMENU_NORMAL_TYPE, "Please choose a fixit option", |