Chapter 2. BSD Security Building Blocks
Phenomenal, cosmic power! Itty-bitty living space.
—The Genie Disney’s Aladdin
FreeBSD and OpenBSD provide unique and powerful features that make excellent building blocks for any secure deployment. This chapter gives you a tour of the most important ones and describes how you can get the most out of them. We will be uncovering functionality that has been in these operating systems for years, yet you may never have known it was there. In the end, you’ll have a whole new set of tools you can apply to the different security challenges you face.
The goal of this chapter is to provide you with a set of building blocks that will become rudiments in your security repertoire. In later chapters we discuss how to combine these different rudiments to create more complex security structures that protect individual processes or whole systems. We group our building blocks into five categories.
- The filesystem
If you’ve worked with any kind of Unix filesystem in the past, this chapter will start in familiar territory. It’s only a stepping-off point, however. The BSD systems offer significantly advanced features in their filesystems that are not duplicated on many other Unix-like operating systems. We explore these new features in depth, tell you how to use them, and describe some of the situations where they apply well.
- The kernel
The BSD kernels provide a variety of tunable options, many of which can help us secure our systems. We cover what they do and ...
Get Mastering FreeBSD and OpenBSD Security now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
