Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 14 Feb 2001 22:26:59 -0800
From:      Jordan Hubbard <jkh@winston.osd.bsdi.com>
To:        Michael Lea <mlea@atomicbluebear.org>
Cc:        Kris Kennaway <kris@obsecurity.org>, Rob Simmons <rsimmons@wlcg.com>, Ragnar Beer <rbeer@uni-goettingen.de>, freebsd-security@FreeBSD.ORG
Subject:   Re: security settings documentation 
Message-ID:  <90504.982218419@winston.osd.bsdi.com>
In-Reply-To: Message from Michael Lea <mlea@atomicbluebear.org>  of "Wed, 14 Feb 2001 12:24:33 CST." <20010214122432.A76375@core.atomicbluebear.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
This looks like a really good start for at least a one-pager inside of
sysinstall which comes up when the user hits F1 at the appropriate
menu.  I'll see what I can turn it into.

- Jordan

> 
> --nFreZHaLTZJo0R7j
> Content-Type: text/plain; charset=us-ascii
> Content-Disposition: inline
> 
> On Wed, 14 Feb 2001, Kris Kennaway wrote:
> 
> > Then write up some documentation for us and send it to doc@freebsd.org
> 
> Somewhat terse, but here's a little "feature" matrix:
> 
>                Fascist        High           Moderate       Low
> inetd          NO             NO             YES            YES
> sendmail       NO             YES            YES            YES
> sshd           NO             YES            YES            YES
> portmap        NO             NO             *              YES
> nfs_server     NO             NO             **             ***
> securelevel    YES (2)        YES (1)        NO             NO
> 
> Any other configuration setting are, as near as I can tell, left unchanged.
> For details on securelevel, see the init(8) man page.
> 
> NOTES:
> *   Portmap is enabled if the machine has been configured as either an NFS
>     client or an NFS server earlier in the installation process.
> **  If the machine has been configured as an NFS server, NFS will only run
>     on a reserved port.
> *** No changes are made to the NFS configuration.
> 
> - Mike
> 
> --nFreZHaLTZJo0R7j
> Content-Type: application/pgp-signature
> Content-Disposition: inline
> 
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.4 (FreeBSD)
> Comment: For info see http://www.gnupg.org
> 
> iEYEARECAAYFAjqKzVwACgkQc9EFi4qQZEySTACgppRgyLkWRA+LJ7fIv8AYuM7T
> W3UAoIQeTHPbvK2WXMzN2/tYYTPMIJpW
> =TMdX
> -----END PGP SIGNATURE-----
> 
> --nFreZHaLTZJo0R7j--
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-doc" in the body of the message



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?90504.982218419>