<feed xmlns='http://www.w3.org/2005/Atom'>
<title>src/release/sysinstall/config.c, branch main</title>
<subtitle>FreeBSD source tree</subtitle>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/'/>
<entry>
<title>Sysinstall has been repocopied to src/usr.sbin/sysinstall and everything</title>
<updated>2001-01-17T07:14:45+00:00</updated>
<author>
<name>John Baldwin</name>
<email>jhb@FreeBSD.org</email>
</author>
<published>2001-01-17T07:14:45+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=d2ef0cdab2fd284176fe351fd9375a62fb4c3154'/>
<id>d2ef0cdab2fd284176fe351fd9375a62fb4c3154</id>
<content type='text'>
now uses the sources found there.
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
now uses the sources found there.
</pre>
</div>
</content>
</entry>
<entry>
<title>Replace GNOME + Afterstep choice with GNOME + sawfish.  This is a more</title>
<updated>2000-11-14T00:03:52+00:00</updated>
<author>
<name>Jordan K. Hubbard</name>
<email>jkh@FreeBSD.org</email>
</author>
<published>2000-11-14T00:03:52+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=2d163292508d214cea0487be405ad3833bc96c16'/>
<id>2d163292508d214cea0487be405ad3833bc96c16</id>
<content type='text'>
popular configuration now.
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
popular configuration now.
</pre>
</div>
</content>
</entry>
<entry>
<title>For High security profile, set securelevel to 1 to protect /dev/*mem</title>
<updated>2000-11-07T23:05:14+00:00</updated>
<author>
<name>Jordan K. Hubbard</name>
<email>jkh@FreeBSD.org</email>
</author>
<published>2000-11-07T23:05:14+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=17d7bfc3fcd94bc02b3a5cb15d4c54f521756848'/>
<id>17d7bfc3fcd94bc02b3a5cb15d4c54f521756848</id>
<content type='text'>
and mounted disks, among other things.

Requested by:	kirk
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
and mounted disks, among other things.

Requested by:	kirk
</pre>
</div>
</content>
</entry>
<entry>
<title>Add another security configuration profile, call it "high" and</title>
<updated>2000-10-14T21:02:31+00:00</updated>
<author>
<name>Jordan K. Hubbard</name>
<email>jkh@FreeBSD.org</email>
</author>
<published>2000-10-14T21:02:31+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=042c61e58d851558d564477dbefffb606b433062'/>
<id>042c61e58d851558d564477dbefffb606b433062</id>
<content type='text'>
rename the previous one to indicate that it's not just high, it's
extreme (everything off, secure level raised).

Submitted mostly by:	Tony Finch &lt;dot@dotat.at&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
rename the previous one to indicate that it's not just high, it's
extreme (everything off, secure level raised).

Submitted mostly by:	Tony Finch &lt;dot@dotat.at&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>PR:		21729</title>
<updated>2000-10-05T23:27:32+00:00</updated>
<author>
<name>Murray Stokely</name>
<email>murray@FreeBSD.org</email>
</author>
<published>2000-10-05T23:27:32+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=d665d812e2b9ab9a715ed2a576f6fd15da71f0be'/>
<id>d665d812e2b9ab9a715ed2a576f6fd15da71f0be</id>
<content type='text'>
Approved by:	jkh

Write kern_securelevel_enable variable to rc.conf if user selects
medium or low security in sysinstall.  This overrides the case where a
user selects fascist security and then tries to go back to a lower
setting.
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Approved by:	jkh

Write kern_securelevel_enable variable to rc.conf if user selects
medium or low security in sysinstall.  This overrides the case where a
user selects fascist security and then tries to go back to a lower
setting.
</pre>
</div>
</content>
</entry>
<entry>
<title>One small tweak on the security profile code; don't be verbose if</title>
<updated>2000-09-24T06:44:00+00:00</updated>
<author>
<name>Jordan K. Hubbard</name>
<email>jkh@FreeBSD.org</email>
</author>
<published>2000-09-24T06:44:00+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=53447cc7b91ed49a4c128a9ec92d3d6adcf28322'/>
<id>53447cc7b91ed49a4c128a9ec92d3d6adcf28322</id>
<content type='text'>
setting up default values for an express/custom install.  It would
be confusing to see the informational popup completely out of context.
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
setting up default values for an express/custom install.  It would
be confusing to see the informational popup completely out of context.
</pre>
</div>
</content>
</entry>
<entry>
<title>One whack at the idea of having "security profiles" which select the</title>
<updated>2000-09-22T19:12:41+00:00</updated>
<author>
<name>Jordan K. Hubbard</name>
<email>jkh@FreeBSD.org</email>
</author>
<published>2000-09-22T19:12:41+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=b9d13dac472e7f33219e3180feb658f2a31513d0'/>
<id>b9d13dac472e7f33219e3180feb658f2a31513d0</id>
<content type='text'>
appropriate(?) defaults for "low", "medium" and "high" security
environments.  Medium is basically what we currently have with a little
seat-belt tightening where it made sense.  Low is the same as medium but
without the tightening.  High is positively fascist with nothing turned
on by default and an automatic call to 911 if it can find a modem.
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
appropriate(?) defaults for "low", "medium" and "high" security
environments.  Medium is basically what we currently have with a little
seat-belt tightening where it made sense.  Low is the same as medium but
without the tightening.  High is positively fascist with nothing turned
on by default and an automatic call to 911 if it can find a modem.
</pre>
</div>
</content>
</entry>
<entry>
<title>enable sshd by default.  This only effects *new* installs, so</title>
<updated>2000-09-04T15:50:15+00:00</updated>
<author>
<name>Jordan K. Hubbard</name>
<email>jkh@FreeBSD.org</email>
</author>
<published>2000-09-04T15:50:15+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=45b9c3d79cf55e478d65a5b387fe406f3b9e91ec'/>
<id>45b9c3d79cf55e478d65a5b387fe406f3b9e91ec</id>
<content type='text'>
upgraders will not receive any unpleasant surprises.
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
upgraders will not receive any unpleasant surprises.
</pre>
</div>
</content>
</entry>
<entry>
<title>Remove a stray backspace character.</title>
<updated>2000-08-27T18:49:12+00:00</updated>
<author>
<name>John W. De Boskey</name>
<email>jwd@FreeBSD.org</email>
</author>
<published>2000-08-27T18:49:12+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=0d4ea86b6e9da209bd2fdfba87cc08e9e76de0cd'/>
<id>0d4ea86b6e9da209bd2fdfba87cc08e9e76de0cd</id>
<content type='text'>
Reviewed by:	Eivind Eklund &lt;eivind@FreeBSD.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Reviewed by:	Eivind Eklund &lt;eivind@FreeBSD.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>Change the defaults for portmap, sendmail and inetd to be not running them.</title>
<updated>2000-07-28T22:45:36+00:00</updated>
<author>
<name>Eivind Eklund</name>
<email>eivind@FreeBSD.org</email>
</author>
<published>2000-07-28T22:45:36+00:00</published>
<link rel='alternate' type='text/html' href='http://cgit.freebsd.org/src/commit/?id=8e4a14a9fad087fc97064c5c89e48488132458bc'/>
<id>8e4a14a9fad087fc97064c5c89e48488132458bc</id>
<content type='text'>
Make sysinstall override this on install, so the effective behavioural
change for a newly installed system is null.  Overall, this makes a system
with an empty /etc/rc.conf not run any network services, and makes the
FreeBSD-provided network services that are running visible in /etc/rc.conf
(instead of making people look through /etc/defaults/rc.conf to find the
things they need to disable to secure the system.)

Reviewed by:	jhb
Discussed with:	The usual cabal
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Make sysinstall override this on install, so the effective behavioural
change for a newly installed system is null.  Overall, this makes a system
with an empty /etc/rc.conf not run any network services, and makes the
FreeBSD-provided network services that are running visible in /etc/rc.conf
(instead of making people look through /etc/defaults/rc.conf to find the
things they need to disable to secure the system.)

Reviewed by:	jhb
Discussed with:	The usual cabal
</pre>
</div>
</content>
</entry>
</feed>
