On Wed, 29 Sep 2004 19:50:29 -0400 David Schultz <[email protected]> wrote: > On Wed, Sep 29, 2004, David Pick wrote: > > 6) securelevel *is* a great thing but sysadmins are tied to the > > hierarchy of levels chosen by the project, and one size does *not* > > fit all. As a more general mechanism I would suggest that there > > is a kernel-build option for *each* facility that can be locked > > by securelevel, which geves the level at which that facility > > becomes locked. > > Great idea. See mac(4). And don't forget to read the <shameless plug>MAC</shameless plug> chapter in the FreeBSD Handbook. :) -- Tom Rhodes _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"