Kernel Options

From: bsd hack (time_to_hack_at_yahoo.com)
Date: 07/28/04

  • Next message: Joshua Tinnin: "Re: BigApache for Windows - Why doesn't BSD have an installer package like this ???" 
    Date: Wed, 28 Jul 2004 12:02:54 -0700 (PDT)
To: freebsd-questions@freebsd.org

    Hi,
        I am working with the Kernel config file to optimize it and also to
    improve the overall security of the system!
     
    I have the following quetions:
    (1) There are a few options that are not available in the default
    kernel... like the IPFIREWALL options(and the like)... I basically need to
    know all possible options I can add to the kernel config file!
    (2) I guess these options can be used to set the kernel variables
    accessible through the sysctl command. So can I create my own options so
    that I can set a few kernel variables as and when I build the custom
    kernel?
    (3) and also my aim includes optimizing the kernel... so by enabling
    only the options I need to I should get a get optimization... is there
    anything else that can be done?
    (4) My aim is to improve local and network security. I guess enabling
    IPFIREWALL helps with the network security part.... are there any
    special options for local security?
     
    Thank you.
     
    -HKR

                    
    ---------------------------------
    Do you Yahoo!?
    New and Improved Yahoo! Mail - Send 10MB messages!
    _______________________________________________
    freebsd-questions@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-questions
    To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"

  • Next message: Joshua Tinnin: "Re: BigApache for Windows - Why doesn't BSD have an installer package like this ???"

    Relevant Pages

    • [UNIX] Flaws Found in Recent Linux Kernels (newgrp, symblinks)
      ... Flaws Found in Recent Linux Kernels (newgrp, ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... An attacker can force the kernel to spend almost arbitrary amount of time ... script creates 5 symlinks, each of them containing 2*N+1 path elements. ...
      (Securiteam)
    • [UNIX] Linux Kernel File Offset Pointer Handling
      ... Get your security news from a reliable source. ... The Linux kernel offers a file handling API to the userland applications. ... One of the properties of the file object is something called 'file offset' ... about one page of un-initialized kernel memory and can be exploited to ...
      (Securiteam)
    • [UNIX] Kmail HTML Support Allows Spoofing of Emails Content
      ... Get your security news from a reliable source. ... system call handler in the 2.4 Linux Kernel on the AMD64 platform a local attacker can gain root access using a simple program. ... it contains the sources that the binary kernel rpm packages are created from. ... Since the kernel-source.rpm is an installable package that contains sources for the linux kernel, it is not the source RPM for the kernel RPM binary packages. ...
      (Securiteam)
    • Re: thoughts on kernel security issues
      ... major security figure and/or haven't donated your life to security and ... the developer and more focus on the development. ... That's pretty complex in terms of kernel code, ... > most of the extra patches that distribution kernels apply are patches ...
      (Linux-Kernel)
    • [UNIX] Local Netfilter / IPTables IP Queue PID Wrap Flaw
      ... Beyond Security would like to welcome Tiscali World Online ... and a userspace library which allow userspace mediation and modification ... NET_ADMIN capability) to process packets from the kernel. ...
      (Securiteam)