diff options
Diffstat (limited to 'usr.sbin/bsdconfig/security/include')
| -rw-r--r-- | usr.sbin/bsdconfig/security/include/Makefile | 4 | ||||
| -rw-r--r-- | usr.sbin/bsdconfig/security/include/Makefile.depend | 10 | ||||
| -rw-r--r-- | usr.sbin/bsdconfig/security/include/messages.subr | 49 | ||||
| -rw-r--r-- | usr.sbin/bsdconfig/security/include/securelevel.hlp | 40 |
4 files changed, 103 insertions, 0 deletions
diff --git a/usr.sbin/bsdconfig/security/include/Makefile b/usr.sbin/bsdconfig/security/include/Makefile new file mode 100644 index 000000000000..73f8bb67a65d --- /dev/null +++ b/usr.sbin/bsdconfig/security/include/Makefile @@ -0,0 +1,4 @@ +FILESDIR= ${LIBEXECDIR}/bsdconfig/130.security/include +FILES= messages.subr securelevel.hlp + +.include <bsd.prog.mk> diff --git a/usr.sbin/bsdconfig/security/include/Makefile.depend b/usr.sbin/bsdconfig/security/include/Makefile.depend new file mode 100644 index 000000000000..11aba52f82cf --- /dev/null +++ b/usr.sbin/bsdconfig/security/include/Makefile.depend @@ -0,0 +1,10 @@ +# Autogenerated - do NOT edit! + +DIRDEPS = \ + + +.include <dirdeps.mk> + +.if ${DEP_RELDIR} == ${_DEP_RELDIR} +# local dependencies - needed for -jN in clean tree +.endif diff --git a/usr.sbin/bsdconfig/security/include/messages.subr b/usr.sbin/bsdconfig/security/include/messages.subr new file mode 100644 index 000000000000..b86c5dd7d718 --- /dev/null +++ b/usr.sbin/bsdconfig/security/include/messages.subr @@ -0,0 +1,49 @@ +# Copyright (c) 2012 Devin Teske +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. +# + +hline_arrows_tab_enter="Press arrows, TAB or ENTER" +hline_select_securelevel_to_operate_at="Select a securelevel to operate at" +msg_cancel="Cancel" +msg_disable_securelevels="Disable securelevels" +msg_disabled="Disabled" +msg_exit="Exit" +msg_exit_this_menu="Exit this menu" +msg_highly_secure="Highly Secure" +msg_highly_secure_mode="Highly secure mode" +msg_menu_text="This menu allows you to configure aspects of the operating system security\npolicy. Please read the system documentation carefully before modifying\nthese settings, as they may cause service disruption if used improperly.\n\nMost settings will take effect only following a system reboot." +msg_network_secure="Network Secure" +msg_network_secure_mode="Network secure mode" +msg_nfs_port="NFS port" +msg_nfs_port_desc="Require that the NFS clients use reserved ports" +msg_ok="OK" +msg_secure="Secure" +msg_secure_mode="Secure mode" +msg_securelevel="Securelevel" +msg_securelevel_desc="Configure securelevels for the system" +msg_securelevels_menu_text="This menu allows you to select the securelevel your system runs with.\nWhen operating at a securelevel, certain root privileges are disabled,\nwhich may increase resistance to exploits and protect system integrity.\nIn secure mode system flags may not be overridden by the root user,\naccess to direct kernel memory is limited, and kernel modules may not\nbe changed. In highly secure mode, mounted file systems may not be\nmodified on-disk, tampering with the system clock is prohibited. In\nnetwork secure mode configuration changes to firewalling are prohibited.\n " +msg_securelevels_menu_title="Securelevel Configuration Menu" +msg_system_security_options_menu="System Security Options Menu" +msg_unknown_kern_securelevel_selection="Unknown kern.securelevel selection" +msg_unknown_security_menu_selection="Unknown security menu selection" diff --git a/usr.sbin/bsdconfig/security/include/securelevel.hlp b/usr.sbin/bsdconfig/security/include/securelevel.hlp new file mode 100644 index 000000000000..27eb1ec231b9 --- /dev/null +++ b/usr.sbin/bsdconfig/security/include/securelevel.hlp @@ -0,0 +1,40 @@ +This menu allows you to configure the Securelevel mechanism in FreeBSD. + +Securelevels may be used to limit the privileges assigned to the +root user in multi-user mode, which in turn may limit the effects of +a root compromise, at the cost of reducing administrative functions. +Refer to the security(7) and init(8) manual pages for complete details. + + -1 Permanently insecure mode - always run the system in level 0 + mode. This is the default initial value. + + 0 Insecure mode - immutable and append-only flags may be turned + off. All devices may be read or written subject to their + permissions. + + 1 Secure mode - the system immutable and system append-only + flags may not be turned off; disks for mounted file systems, + /dev/mem, /dev/kmem and /dev/io (if your platform has it) + may not be opened for writing; kernel modules (see kld(4)) + may not be loaded or unloaded. + + 2 Highly secure mode - same as secure mode, plus disks may not + be opened for writing (except by mount(2)) whether mounted or + not. This level precludes tampering with file systems by + unmounting them, but also inhibits running newfs(8) while the + system is multi-user. + + In addition, kernel time changes are restricted to less than + or equal to one second. Attempts to change the time by more + than this will log the message ``Time adjustment clamped to +1 + second''. + + 3 Network secure mode - same as highly secure mode, plus IP + packet filter rules (see ipfw(8), ipfirewall(4) and pfctl(8)) + cannot be changed and dummynet(4) or pf(4) configuration + cannot be adjusted. + +Securelevels must be used in combination with careful system design and +application of protective mechanisms to prevent system configuration +files from being modified in a way that compromises the protections of +the securelevel variable upon reboot. |