> Also... all this and you didn't raise the securelevel? Didn't set > system binaries schg? Didn't remove unwanted binaries like rcp(1), > rlogin(1), at(1) etc? > > To add to the list of all this... no mounting of /var /tmp, and /home as noexec, nosuid (oh wait, no suid binaries at all, then all partitions can be mounted as nosuid, except for sudo. perhaps i missed something?)
No mac_biba, No mac_partition, no mac_bsdextended, and no mac_portacl... /a _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
