diff options
| author | Allan Jude <allanjude@FreeBSD.org> | 2017-10-02 14:19:31 +0000 |
|---|---|---|
| committer | Allan Jude <allanjude@FreeBSD.org> | 2017-10-02 14:19:31 +0000 |
| commit | f78bd12d6dd612d76f9019fb5f94e614f78a7e7e (patch) | |
| tree | fdcc46e4acac41d94c283c00991cc19f8c43e8ee /release/arm/CUBIEBOARD2.conf | |
| parent | e5d6b589ce1c8456ccecdc3918bd24a8469972bd (diff) | |
| download | src-f78bd12d6dd612d76f9019fb5f94e614f78a7e7e.tar.gz src-f78bd12d6dd612d76f9019fb5f94e614f78a7e7e.zip | |
bsdinstall(8) hardening menu: Utilize new kern.randompid=1 behaviour
Enabling the PID randomization option in bsdinstall(8)'s hardening menu
now randomizes the effective value of kern.randompid on each boot.
Previous behaviour:
When kern.randompid was enabled via the the bsdinstall(8) hardening menu,
a random value was generated and placed in the systems /etc/sysctl.conf as
kern.randompid=value
This makes the value of kern.randompid static across reboots.
New behaviour:
When kern.randompid is enabled via the bsdinstall(8) hardening menu, the
line kern.randompid=1 is placed in the systems /etc/sysctl.conf.
This takes advantage of a new kernel feature and makes the value of
kern.randompid be randomized by the kernel on each reboot.
Submitted by: Marie Helene Kvello-Aune <marieheleneka@gmail.com>
Reviewed by: des
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D12433
Notes
Notes:
svn path=/head/; revision=324206
Diffstat (limited to 'release/arm/CUBIEBOARD2.conf')
0 files changed, 0 insertions, 0 deletions