"DSA - JCR" <[EMAIL PROTECTED]> writes: > I would like to use securelevel to secure a backup schedluded box made > with FreeBSD. > > This box mount and unmount external USB disk where the backup is made once > a week.
In that case, you can't set the securelevel higher than 1. > Which would be the correct secure level ? 1, 2, or 3? 0 or 1. > I don't want nobody modify scripts and root things, like adding a user to > make the thing by itself, ... or modify my crontab scripts, etc... Is this a machine that typically has users logging into it? If not, I would concentrate on securing the login procedures available rather than working on limiting the abilities of accounts once they have access to the machine. Securelevel is useful in a fairly narrow range of situations: some of the less obvious are that you have to be sure that you will notice quickly if the machine reboots, and the machine has to be physically secure. > Also, where i must put the kern.securelevel? Set it in rc.conf. > I didnt understood very well in the manual and handbook in which part of > the bootin process (rc) i must put the line in rc.conf? See the manual for rc.conf(5). You will want the kern_securelevel_enable and kern_securelevel variables. -- Lowell Gilbert, embedded/networking software engineer, Boston area http://be-well.ilk.org/~lowell/ _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"