Date: Sun, 21 Jun 2009 13:31:14 -0400 From: Lowell Gilbert <freebsd-questions-local@be-well.ilk.org> To: Tim Judd <tajudd@gmail.com> Cc: freebsd-questions <freebsd-questions@freebsd.org> Subject: Re: kern.securelevel Message-ID: <441vpdmr31.fsf@lowell-desk.lan> In-Reply-To: <ade45ae90906181843j7c33a56dkd79c777ad67ff5cc@mail.gmail.com> (Tim Judd's message of "Thu\, 18 Jun 2009 19\:43\:42 -0600") References: <ade45ae90906181843j7c33a56dkd79c777ad67ff5cc@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Tim Judd <tajudd@gmail.com> writes: > Something dawned on me. FreeBSD/Open/Net are all well secured > systems. On an Internet-facing router, would applying a higher > kern.securelevel provide any better, tighter, higher security if the > machine was broken into? Given you need to lower the securelevel > before multiuser, it is a reasonable to think raising the securelevel > will give higher comfort feeling? I can't understand your last sentence. The obvious thing is that a raised securelevel only helps if it doesn't get in the way of operations you need to do. A bit less obvious is that it only helps if you are sure you will know if the system reboots. -- Lowell Gilbert, embedded/networking software engineer, Boston area http://be-well.ilk.org/~lowell/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?441vpdmr31.fsf>