use S for extras security at the expense of performance. Use other options
only if you know what you are doing and have specific needs.
BTW, ssh and sshd enable S by themselves.

-> so "S" is the best way, Thanks! :)
Sent: Friday, October 14, 2016 at 12:20 PM

From: "Otto Moerbeek" <>
To: "Peter Janos" <>
Cc: "openbsd misc" <>
Subject: Re: What are the security features in OpenBSD 6.0 that are by
default disabled?
On Fri, Oct 14, 2016 at 09:21:24AM +0200, Peter Janos wrote:

> Hello,
> I know some features that can give additional security isn't turned on due
> because of the bad quality of the code in ports and some also decreases
> performance (or disables a feature, ex.: screenlock doesn't work if nosuid
> set, but if feature not used, nousid can be used).
> I only know about these "security hardenings", hopefully all are ok (if
> please say/argue!):
> ==================================================================
> ln -s GJU /etc/malloc.conf

$ man man.conf | grep security


Reply via email to