Date: Mon, 26 Nov 2001 14:26:26 +0000 (GMT) From: Jan Grant <Jan.Grant@bristol.ac.uk> To: Anthony Atkielski <anthony@freebie.atkielski.com> Cc: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Re: What is the best secure_level setting? Message-ID: <Pine.GSO.4.31.0111261423450.101-100000@mail.ilrt.bris.ac.uk> In-Reply-To: <00c201c17681$91287110$0a00000a@atkielski.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 26 Nov 2001, Anthony Atkielski wrote: > I am looking at secure_level in FreeBSD and wondering what setting is > appropriate. The default seems to be the lowest possible setting of -1, but I > don't see any obvious reason why I can't run at +1. What levels do you all run > your systems at normally? > > I've already been warned that X servers won't run on a machine at > secure_level=1, but for me that's just another reason not to use X servers on > the host machine, not a reason to keep the secure_level lower. As always, it depends on your intended use for the system. There's additional frustration to work around when updating your system at a higher secure level, but this is pretty irrelevant if you're sitting at the console. "As high as is convenient" is the right number to use, where "convenience" includes a risk assessment in the case of a system compromise. -- jan grant, ILRT, University of Bristol. http://www.ilrt.bris.ac.uk/ Tel +44(0)117 9287088 Fax +44 (0)117 9287112 RFC822 jan.grant@bris.ac.uk Leverage that synergy! Ooh yeah, looking good! Now stretch - and relax. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.31.0111261423450.101-100000>