Sean Murphy wrote:
I guess by default FeeBSD runs at -1
That's right.
what would most of you recommend doing? is this primary to keep local
users (ssh) in check? does it help in remote attacks (buffer overflow)
is it even needed?
Read man securelevel and see for yourself what it does. High
Sean Murphy writes:
SM what would most of you recommend doing?
I've been running at securelevel=3 for years. There are some things
that won't work (such as X servers), but not enough to be a problem for
me.
I've set the system immutable flag on virtually all the binaries as
well (not the