Question about securelevel

Ismail YENIGUL ismail at EnderUNIX.ORG
Wed Feb 11 01:55:47 PST 2004


Hi
Did you look at securelevel manual
# man securelevel
regards
On Wed, Feb 11, 2004 at 10:29:46AM +0100, roberto at redix.it wrote:
> 
> I've read about securelevel in the mailing list archive, and found some
> pitfalls (and seems to me to be discarded soon).
> 
> But According to me, the following configuration should offer a good
> security:
> 
> - mount root fs read only at boot;
> - set securelevel to 3;
> - do not permit to unmount/remount roots fs read-write (now it is possible
> by means of "mount -uw /");
> - the only way to make change at the file system is to reboot in single
> user, before the securelevel is set to 3, and make the changes needed
> (this means the administrator should use only the console);
> 
> Any comments about?
> 
> Bye,
> Roberto
> 
> 
> 
> _______________________________________________
> freebsd-security at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org"

-- 

Ismail YENIGUL
http://www.acikkod.com - Acikkod Yayinlari
http://www.EnderUNIX.org
GnuPG Key: http://yenigul.net/ismail.gpg

It takes longer to lose 'x' number of pounds than
to gain 'x' number of pounds.


More information about the freebsd-security mailing list