d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
3a757e5403
freebsd-dev/usr.sbin/bsdinstall/scripts
History
Allan Jude f78bd12d6d bsdinstall(8) hardening menu: Utilize new kern.randompid=1 behaviour 
Enabling the PID randomization option in bsdinstall(8)'s hardening menu
now randomizes the effective value of kern.randompid on each boot.

Previous behaviour:
When kern.randompid was enabled via the the bsdinstall(8) hardening menu,
a random value was generated and placed in the systems /etc/sysctl.conf as
kern.randompid=value
This makes the value of kern.randompid static across reboots.

New behaviour:
When kern.randompid is enabled via the bsdinstall(8) hardening menu, the
line kern.randompid=1 is placed in the systems /etc/sysctl.conf.
This takes advantage of a new kernel feature and makes the value of
kern.randompid be randomized by the kernel on each reboot.

Submitted by:	Marie Helene Kvello-Aune <marieheleneka@gmail.com>
Reviewed by:	des
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D12433
2017-10-02 14:19:31 +00:00
..
adduser
auto bsdinstall: remove EOL whitespace 2017-07-18 23:35:19 +00:00
checksum bsdinstall: improve checksum mismatch error for snapshots 2017-07-19 18:25:52 +00:00
config Ignore error return from newaliases(1) 2017-09-11 17:39:21 +00:00
docsinstall Update copyrights 2015-09-11 20:58:00 +00:00
entropy Explicitly set permissions on entropy files 2015-12-28 17:27:20 +00:00
hardening bsdinstall(8) hardening menu: Utilize new kern.randompid=1 behaviour 2017-10-02 14:19:31 +00:00
hostname Update copyrights 2015-09-11 20:58:00 +00:00
jail Explicitly exit with success 2015-09-11 20:59:13 +00:00
keymap bsdinstall: remove EOL whitespace 2017-07-18 23:35:19 +00:00
Makefile Add new System Hardening menu and options to bsdinstall. 2016-07-15 15:07:24 +00:00
Makefile.depend Add META_MODE support. 2015-06-13 19:20:56 +00:00
mirrorselect Strip the patch level from the release name before trying to fetch the 2014-07-24 17:43:42 +00:00
mount bsdinstall: remove EOL whitespace 2017-07-18 23:35:19 +00:00
netconfig Adapt to new wireless scheme where base wlan interfaces do not show up in 2015-12-06 00:20:45 +00:00
netconfig_ipv4 bsdinstall: record DHCP config after obtaining lease 2017-08-10 20:26:07 +00:00
netconfig_ipv6 bsdinstall: remove EOL whitespace 2017-07-18 23:35:19 +00:00
rootpass Remove trailing newline at EOF 2015-09-11 21:09:39 +00:00
script bsdinstall: do not use distextract in scripted mode 2017-05-22 11:41:17 +00:00
services Add a line to the post-installation configuration dialog to enable the 2014-09-26 11:38:10 +00:00
time Make the new 'set date and time' dialog default to skip 2016-07-14 00:41:19 +00:00
umount bsdinstall: remove EOL whitespace 2017-07-18 23:35:19 +00:00
wlanconfig Revert r309918 -- modern POSIX has deprecated -<#>/+<#> syntax 2016-12-13 22:31:49 +00:00
zfsboot bsdinstall: default to UEFI-only boot on arm64 2017-07-30 23:15:30 +00:00