From owner-freebsd-questions@FreeBSD.ORG Mon Apr 6 10:58:22 2015 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5415A8A0 for ; Mon, 6 Apr 2015 10:58:22 +0000 (UTC) Received: from bede.qeng-ho.org (bede.qeng-ho.org [217.155.128.241]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CE4F3772 for ; Mon, 6 Apr 2015 10:58:21 +0000 (UTC) Received: from arthur.home.qeng-ho.org (arthur.home.qeng-ho.org [172.23.1.2]) by bede.home.qeng-ho.org (8.14.9/8.14.7) with ESMTP id t36AvaLw056317; Mon, 6 Apr 2015 11:57:37 +0100 (BST) (envelope-from freebsd@qeng-ho.org) Message-ID: <552266A0.6050301@qeng-ho.org> Date: Mon, 06 Apr 2015 11:57:36 +0100 From: Arthur Chance User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0 MIME-Version: 1.0 To: Ernie Luzar , FreeBSD Questions Subject: Re: set securelevel without a reboot References: <55225E09.8080505@gmail.com> In-Reply-To: <55225E09.8080505@gmail.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Apr 2015 10:58:22 -0000 On 06/04/2015 11:20, Ernie Luzar wrote: > Is there a way to enable kern_securelevel beside putting the statements > in rc.conf and rebooting the system? man 7 security "The security level can be set with a sysctl(8) on the kern.securelevel variable." That's all that the rc script does. Of course, if you want to *reduce* the secure level to 0 or -1 you will need a reboot. -- Those who do not learn from computing history are doomed to GOTO 1