d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
648176e095
freebsd-dev/etc
History
Conrad Meyer 648176e095 bluetooth: Default to discoverable off 
Try to not expose bluetooth devices to external devices unless the user
explicitly configures it, like any other radio/network device.  Bluetooth
has a long history of security problems and it is probably best to keep it
disabled if not needed.

Users who do use the bluetooth device should enable "discoverable" in
bluetooth.device.conf(5) after this change.

Keep in mind that bluetooth addresses can be discovered by passive
monitoring or whole address-space scans[0], so a safety conscious user
should also disable "connectable" in bluetooth.device.conf(5).

[0]: https://www.sans.edu/cyber-research/security-laboratory/article/bluetooth

Reviewed by:	emax, hselasky
Security:	maybe
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D12831
2017-11-01 18:58:54 +00:00
..
autofs Enable automounting of exFAT media. 2017-05-04 19:16:36 +00:00
bluetooth
casper
cron.d Conditionally handle the crontab entry for atrun(8) 2017-05-18 06:33:55 +00:00
defaults bluetooth: Default to discoverable off 2017-11-01 18:58:54 +00:00
devd Regenerate etc/devd/usb.conf 2017-10-31 23:33:24 +00:00
etc.aarch64 Update the arm64 ttys file to enable the correct uart based on which device 2015-10-01 09:36:18 +00:00
etc.amd64 Enable all callin ttys if the tty is an available console. 2015-10-20 16:10:46 +00:00
etc.arm Enable ttyu1, ttyu2, ttyu3 for arm installations. 2015-06-21 19:50:02 +00:00
etc.i386 Enable all callin ttys if the tty is an available console. 2015-10-20 16:10:46 +00:00
etc.mips Enable all callin ttys if the tty is an available console. 2015-10-20 16:10:46 +00:00
etc.powerpc Enable all callin ttys if the tty is an available console. 2015-10-20 16:10:46 +00:00
etc.riscv Start support for the RISC-V 64-bit architecture developed by UC Berkeley. 2015-12-11 22:55:23 +00:00
etc.sparc64 Enable all callin ttys if the tty is an available console. 2015-10-20 16:10:46 +00:00
gss
mail Add a ${CP} alias for copying files in the build. 2015-01-16 21:39:08 +00:00
mtree Disconnect libpathconv tests since they require external perl and do not work with kyua. 2017-10-31 19:52:30 +00:00
newsyslog.conf.d Handle the logfiles in newsyslog and syslogd conditionally, based on 2017-05-13 03:10:50 +00:00
ntp Replace the leap-seconds file in r320242 from USNO - 2017-06-23 01:05:49 +00:00
pam.d Remove rcmds. 2017-10-06 08:43:14 +00:00
periodic Anticongestion refinements for ntpd rc script. This reverts r324681 2017-10-19 03:17:50 +00:00
pkg
rc.d bluetooth: Default to discoverable off 2017-11-01 18:58:54 +00:00
root Fix typo introduced in r320672 - check for existence of the right file. 2017-07-05 15:42:33 +00:00
sendmail Move /etc/ to SRCTOP 2017-03-12 18:58:55 +00:00
syslog.d Handle the logfiles in newsyslog and syslogd conditionally, based on 2017-05-13 03:10:50 +00:00
amd.map
apmd.conf
auto_master Stop appending "noatime" in the autofs -media map, and instead add it 2016-09-20 04:52:01 +00:00
blacklistd.conf Add basic blacklist build support 2016-06-02 19:06:04 +00:00
crontab Conditionally handle the crontab entry for atrun(8) 2017-05-18 06:33:55 +00:00
csh.cshrc
csh.login
csh.logout
ddb.conf
devd.conf Update devd.conf for ports change 421360 2017-02-27 15:32:56 +00:00
devfs.conf
dhclient.conf
disktab
fbtab
freebsd-update.conf
ftpusers
gettytab
group Fix regression introduced on r293801. 2016-01-27 06:28:56 +00:00
hosts
hosts.allow Allow info to display correctly in for varying tabstop settings 2014-12-24 01:50:44 +00:00
hosts.equiv
hosts.lpd
inetd.conf Remove rcmds. 2017-10-06 08:43:14 +00:00
libalias.conf
libmap.conf
login.access
login.conf Fix handling of umtxp resource limit in sh(1)/ulimit(1), limits(1), add 2016-03-12 14:54:34 +00:00
mac.conf
Makefile Remove a atrun check that is nullified by r318443. 2017-10-21 21:58:24 +00:00
Makefile.depend META MODE: Update dependencies with 'the-lot' and add missing directories. 2015-12-01 05:23:19 +00:00
master.passwd Capitalize "LDAP" in the description field of the _ypldap entry. 2016-05-10 12:47:36 +00:00
minfree
motd Add the less-ambiguous freebsd-version command. 2014-11-02 19:25:31 +00:00
netconfig
netstart Remove NATM configuration bits and assorted NATM and ATM remnants. 2017-04-25 21:59:34 +00:00
network.subr Remove NATM configuration bits and assorted NATM and ATM remnants. 2017-04-25 21:59:34 +00:00
networks
newsyslog.conf Handle the logfiles in newsyslog and syslogd conditionally, based on 2017-05-13 03:10:50 +00:00
nls.alias
nscd.conf
nsmb.conf
nsswitch.conf Implement an NSS backend for netgroups and add getnetgrent_r(3). 2016-06-09 01:28:44 +00:00
ntp.conf Update ntp.conf to use the ntpd pool feature. 2017-01-02 15:19:22 +00:00
opieaccess
pccard_ether Do not try to recreate wlan(4) interface if it already exists. 2016-12-04 15:58:34 +00:00
pf.os
phones
portsnap.conf Now that the portsnap buildbox is generating the raw bits for INDEX-12, 2016-08-14 05:18:38 +00:00
printcap Update several more URLs 2017-10-29 08:17:03 +00:00
profile
protocols etc: minor spelling fixes. 2016-05-01 16:43:22 +00:00
rc Use checkyesno instead of rolling my own.. 2016-10-23 18:00:09 +00:00
rc.bsdextended
rc.firewall Slight tidy up of comments before MFC 2015-06-29 07:43:09 +00:00
rc.initdiskless Remove spurious $flags; it's a paste-o from copying the line from rc.subr. 2017-09-29 22:21:42 +00:00
rc.resume
rc.sendmail
rc.shutdown Since r275359, there is no need to provide a bogus service name. 2015-10-26 15:16:27 +00:00
rc.subr rc.subr: Remove test that is always true. 2017-10-15 11:28:41 +00:00
rc.suspend
regdomain.xml
remote
rpc
services Add an example inetd(8) entry for the Prometheus sysctl exporter. 2016-12-21 08:32:20 +00:00
shells
snmpd.config Move the mibII module up so uncommenting the bridge module works 2017-01-07 09:03:40 +00:00
sysctl.conf
syslog.conf Handle the logfiles in newsyslog and syslogd conditionally, based on 2017-05-13 03:10:50 +00:00
termcap.small