Add destructive dtrace to bsdinstall hardening menu
ClosedPublic
Actions

Authored by code.jpe_gmail.com on Sep 23 2017, 2:13 PM.

Details

Reviewers

allanjude
gnn
des

Commits

rS338852: Add an installer option to disable destructive dtrace.

Summary

Very few users require destructive dtrace, so it is a good candidate for the installer hardening menu. It is currently enabled by default since this was the historic state before the tuneable was introduced.

Diff Detail

Repository

rS FreeBSD src repository - subversion

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

code.jpe_gmail.com created this revision.Sep 23 2017, 2:13 PM

Herald added a subscriber: imp. · View Herald TranscriptSep 23 2017, 2:13 PM

code.jpe_gmail.com added a reviewer: gnn.Sep 24 2017, 7:46 AM

allanjude added inline comments.Oct 2 2017, 4:32 AM

usr.sbin/bsdinstall/scripts/hardening
50 ↗	(On Diff #33355)	Might be better worded as "Disallow DTrace destructive-mode"

code.jpe_gmail.com updated this revision to Diff 34121.Oct 18 2017, 7:48 PM

code.jpe_gmail.com marked an inline comment as done.

gnn accepted this revision.Nov 13 2017, 1:33 AM

This revision is now accepted and ready to land.Nov 13 2017, 1:33 AM

code.jpe_gmail.com added a reviewer: des.Sep 20 2018, 6:42 AM

Closed by commit rS338852: Add an installer option to disable destructive dtrace. (authored by des). · Explain WhySep 21 2018, 9:27 AM

This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

Path

Size

head/

usr.sbin/

bsdinstall/

scripts/

hardening

5 lines

Diff 48302

View Options

head/usr.sbin/bsdinstall/scripts/hardening

Add destructive dtrace to bsdinstall hardening menuClosedPublicActions