Kernel Options

From: bsd hack (time_to_hack_at_yahoo.com)
Date: 07/28/04

  • Next message: Ion-Mihai Tetcu: "Re: Kernel Options" 
    Date: Wed, 28 Jul 2004 11:16:10 -0700 (PDT)
To: freebsd-newbies@freebsd.org

     
    Hi,

       I am working with the Kernel config file to optimize it and also to improve the overall security of the system!

     

    I have the following quetions:

    (1) There are a few options that are not available in the default kernel... like the IPFIREWALL options(and the like)... I basically need to know all possible options I can add to the kernel config file!

    (2) I guess these options can be used to set the kernel variables accessible through the sysctl command. So can I create my own options so that I can set a few kernel variables as and when I build the custom kernel?

    (3) and also my aim includes optimizing the kernel... so by enabling only the options I need to I should get a get optimization... is there anything else that can be done?

    (4) My aim is to improve local and network security. I guess enabling IPFIREWALL helps with the network security part.... are there any special options for local security?

     

    Thank you.

     

    HKR

     

                    
    ---------------------------------
    Do you Yahoo!?
    Yahoo! Mail - 50x more storage than other providers!
    _______________________________________________
    freebsd-newbies@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-newbies
    To unsubscribe, send any mail to "freebsd-newbies-unsubscribe@freebsd.org"

  • Next message: Ion-Mihai Tetcu: "Re: Kernel Options"

    Relevant Pages

    • [UNIX] Flaws Found in Recent Linux Kernels (newgrp, symblinks)
      ... Flaws Found in Recent Linux Kernels (newgrp, ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... An attacker can force the kernel to spend almost arbitrary amount of time ... script creates 5 symlinks, each of them containing 2*N+1 path elements. ...
      (Securiteam)
    • [UNIX] Linux Kernel File Offset Pointer Handling
      ... Get your security news from a reliable source. ... The Linux kernel offers a file handling API to the userland applications. ... One of the properties of the file object is something called 'file offset' ... about one page of un-initialized kernel memory and can be exploited to ...
      (Securiteam)
    • [UNIX] Kmail HTML Support Allows Spoofing of Emails Content
      ... Get your security news from a reliable source. ... system call handler in the 2.4 Linux Kernel on the AMD64 platform a local attacker can gain root access using a simple program. ... it contains the sources that the binary kernel rpm packages are created from. ... Since the kernel-source.rpm is an installable package that contains sources for the linux kernel, it is not the source RPM for the kernel RPM binary packages. ...
      (Securiteam)
    • Re: thoughts on kernel security issues
      ... major security figure and/or haven't donated your life to security and ... the developer and more focus on the development. ... That's pretty complex in terms of kernel code, ... > most of the extra patches that distribution kernels apply are patches ...
      (Linux-Kernel)
    • [UNIX] Grsecurity Allows Modifying of "read-only kernel"
      ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... local attackers to overwrite the memory content even though protection ... root will not be able to modify the contents of kernel ...
      (Securiteam)