From owner-freebsd-questions@FreeBSD.ORG  Fri Jun 19 01:43:43 2009
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 4CFFF106566C
	for <freebsd-questions@freebsd.org>;
	Fri, 19 Jun 2009 01:43:43 +0000 (UTC)
	(envelope-from tajudd@gmail.com)
Received: from qw-out-2122.google.com (qw-out-2122.google.com [74.125.92.26])
	by mx1.freebsd.org (Postfix) with ESMTP id 09DE18FC14
	for <freebsd-questions@freebsd.org>;
	Fri, 19 Jun 2009 01:43:42 +0000 (UTC)
	(envelope-from tajudd@gmail.com)
Received: by qw-out-2122.google.com with SMTP id 3so768170qwe.7
	for <freebsd-questions@freebsd.org>;
	Thu, 18 Jun 2009 18:43:42 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:mime-version:received:date:message-id:subject
	:from:to:content-type:content-transfer-encoding;
	bh=abpB2mE3wP21YkKOa/iMc6PTCDEZa3ZkSTF3boA8ucE=;
	b=vp6tWWUvx8OLwQSVeo1ENBamKMy24yj0FPt5VZKYNtAIksLBC5ElvFymzqOdi5oTZ9
	d5VeLKiwv/vutUvW8qMx1NunGIXiGg4DAtkTqqf/NdkSLE+Sng5SrDE+voWIGCuq+IaW
	m3h4slQt162qh2tTiIlDWQJsAWH0T/Mow6Yj4=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=mime-version:date:message-id:subject:from:to:content-type
	:content-transfer-encoding;
	b=Ht4RM7YxWstioE2EjMdgrBugHfQcDLjLoV6v4asNf6YSCDVuk2l535awaJ+wtRFDlw
	pl8KiknE8jF0NvWlul9m2BZ4xqy2zzTShosqyr3du3IyDjJfh+IgYKS6IHRYeN4QHc+q
	C1fg7I4LAWuvKpZOVYgMK2FCk/RYqBU/WJtMc=
MIME-Version: 1.0
Received: by 10.220.44.204 with SMTP id b12mr2259615vcf.101.1245375822080; 
	Thu, 18 Jun 2009 18:43:42 -0700 (PDT)
Date: Thu, 18 Jun 2009 19:43:42 -0600
Message-ID: <ade45ae90906181843j7c33a56dkd79c777ad67ff5cc@mail.gmail.com>
From: Tim Judd <tajudd@gmail.com>
To: freebsd-questions <freebsd-questions@freebsd.org>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: kern.securelevel
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 19 Jun 2009 01:43:43 -0000

Something dawned on me.  FreeBSD/Open/Net are all well secured
systems.  On an Internet-facing router, would applying a higher
kern.securelevel provide any better, tighter, higher security if the
machine was broken into?  Given you need to lower the securelevel
before multiuser, it is a reasonable to think raising the securelevel
will give higher comfort feeling?


I know this is a logical/thinking/mind question, but that's what I'm asking for.



--Tim