From owner-freebsd-questions@FreeBSD.ORG  Wed Feb 24 23:19:36 2010
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id DE7D91065670
	for <questions@freebsd.org>; Wed, 24 Feb 2010 23:19:36 +0000 (UTC)
	(envelope-from bruce@cran.org.uk)
Received: from muon.cran.org.uk (unknown [IPv6:2001:470:1f09:679::1])
	by mx1.freebsd.org (Postfix) with ESMTP id A5C408FC16
	for <questions@freebsd.org>; Wed, 24 Feb 2010 23:19:36 +0000 (UTC)
Received: from muon.cran.org.uk (localhost [127.0.0.1])
	by muon.cran.org.uk (Postfix) with ESMTP id B77708F62;
	Wed, 24 Feb 2010 23:19:39 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on muon.cran.org.uk
X-Spam-Level: 
X-Spam-Status: No, score=-3.1 required=8.0 tests=AWL,BAYES_00,RDNS_DYNAMIC
	autolearn=no version=3.2.5
Received: from unknown (87-194-158-129.bethere.co.uk [87.194.158.129])
	(using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits))
	(No client certificate requested)
	by muon.cran.org.uk (Postfix) with ESMTPSA;
	Wed, 24 Feb 2010 23:19:39 +0000 (UTC)
Date: Wed, 24 Feb 2010 23:19:23 +0000
From: Bruce Cran <bruce@cran.org.uk>
To: Robert Bonomi <bonomi@mail.r-bonomi.com>
Message-ID: <20100224231923.0000022c@unknown>
In-Reply-To: <201002242247.o1OMlPov010540@mail.r-bonomi.com>
References: <201002242247.o1OMlPov010540@mail.r-bonomi.com>
X-Mailer: Claws Mail 3.7.2cvs27 (GTK+ 2.16.0; i586-pc-mingw32msvc)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Cc: questions@freebsd.org
Subject: Re: how to disable loadable kernel moduels?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Feb 2010 23:19:36 -0000

On Wed, 24 Feb 2010 16:47:25 -0600 (CST)
Robert Bonomi <bonomi@mail.r-bonomi.com> wrote:

> I'm building custom kernels for use in 'hostile' environments --
> where I need to enforce "restricted" capabilities, even in the event
> of malicious 'root' access.  (if the bad guy has *physical* access to
> the machine, I know I'm toast, so I don't try to protect against
> _that_ in software -- beyond the usual access-control mechnisms, that
> is.)

See security(7) -
http://www.freebsd.org/cgi/man.cgi?query=security&sektion=7

Securelevel 1 disables the loading of kernel modules; the manual page
has far more details of how to secure the system further.

-- 
Bruce Cran