System Security Profiles and Kernel Security (Securelevels)
Prior to FreeBSD 5.0, FreeBSD was configured to provide a layer of security over its kernel and user process with a mechanism called Securelevels. You chose a securelevel setting at the time you installed FreeBSD, and it enforced protections such as setting the “immutable” flag on the kernel such that even root couldn’t delete or overwrite it.
Securelevels have, unfortunately, been proven to be ineffectual (details are at http://www.securiteam.com/unixfocus/5NP0G0AHFC.html), and the securelevel setting has been removed from the standard installation and system configuration procedures in modern versions of FreeBSD. However, the functionality of Securelevels is still present in FreeBSD, ...
Get FreeBSD6 Unleashed now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
