Diffstat (limited to 'usr.sbin/sysinstall/help')
-rw-r--r-- usr.sbin/sysinstall/help/securelevel.hlp | 36
1 files changed, 36 insertions, 0 deletions
diff --git a/usr.sbin/sysinstall/help/securelevel.hlp b/usr.sbin/sysinstall/help/securelevel.hlp
new file mode 100644
index 0000000..44fa39b
--- /dev/null
+++ b/usr.sbin/sysinstall/help/securelevel.hlp
@@ -0,0 +1,36 @@
+This menu allows you to configure the Securelevel mechanism in FreeBSD.
+
+Securelevels may be used to limit the privileges assigned to the
+root user in multi-user mode, which in turn may limit the effects of
+a root compromise, at the cost of reducing administrative functions.
+Refer to the init(8) manual page for complete details.
+
+ -1 Permanently insecure mode - always run the system in level 0 mode.
+ This is the default initial value.
+
+ 0 Insecure mode - immutable and append-only flags may be turned off.
+ All devices may be read or written subject to their permissions.
+
+ 1 Secure mode - the system immutable and system append-only flags may
+ not be turned off; disks for mounted file systems, /dev/mem, and
+ /dev/kmem may not be opened for writing; kernel modules (see
+ kld(4)) may not be loaded or unloaded.
+
+ 2 Highly secure mode - same as secure mode, plus disks may not be
+ opened for writing (except by mount(2)) whether mounted or not.
+ This level precludes tampering with file systems by unmounting
+ them, but also inhibits running newfs(8) while the system is multi-
+ user.
+
+ In addition, kernel time changes are restricted to less than or
+ equal to one second. Attempts to change the time by more than this
+ will log the message ``Time adjustment clamped to +1 second''.
+
+ 3 Network secure mode - same as highly secure mode, plus IP packet
+ filter rules (see ipfw(8) and ipfirewall(4)) cannot be changed and
+ dummynet(4) configuration cannot be adjusted.
+
+Securelevels must be used in combination with careful system design and
+application of protective mechanisms to prevent system configuration
+files from being modified in a way that compromises the protections of
+the securelevel variable upon reboot.
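Review bot: the closing paragraph (the last four added lines) tells the reader to protect "system configuration files" but does not say which files or by what mechanism, so someone who selects level 1 or higher from this menu is left without a concrete next step. Consider naming the boot-time files that set the securelevel and pointing back to the system immutable flag described under level 1, which per that entry can no longer be turned off once the level is raised. Two smaller points in the level 2 entry: "multi-" / "user." is hyphenated across a line break and will display as a broken word in the help viewer, and the "In addition, kernel time changes..." paragraph is indented under level 2 without stating whether the clamp is part of level 2 (and so inherited by level 3) or a separate note.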