Date: Wed, 04 Apr 2012 08:53:35 +0200 From: Andreas Jonsson <andreas@romab.com> To: freebsd-security@freebsd.org Subject: Re: FreeBSD Security in Multiuser Environments Message-ID: <4F7BEFEF.3030702@romab.com> In-Reply-To: <86fwcnygys.fsf@ds4.des.no> References: <20120331140820.101653608997tekk@webmail.ime.usp.br> <86fwcnygys.fsf@ds4.des.no>
next in thread | previous in thread | raw e-mail | index | archive | help
> Also... all this and you didn't raise the securelevel? Didn't set > system binaries schg? Didn't remove unwanted binaries like rcp(1), > rlogin(1), at(1) etc? > > To add to the list of all this... no mounting of /var /tmp, and /home as noexec, nosuid (oh wait, no suid binaries at all, then all partitions can be mounted as nosuid, except for sudo. perhaps i missed something?) No mac_biba, No mac_partition, no mac_bsdextended, and no mac_portacl... /a
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4F7BEFEF.3030702>