sysctl.conf
ClosedPublic
Actions

Authored by skreuzer on Aug 8 2016, 2:04 PM.

Details

Reviewers

nwhitehorn
robak
allanjude
adrian
bdrewery

Commits

rS303877: Write kern.randompid to /etc/sysctl.conf

Summary

When selecting "Randomize the PID of newly created processes" in the
system hardening menu, kern.randompid is not added to /etc/sysctl.conf

Test Plan

Do an install in a VM and enable the 'Randomized PID' feature

Diff Detail

Repository

rS FreeBSD src repository - subversion

Lint

Lint Passed

Unit

No Test Coverage

Build Status

Buildable 4724
Build 4778: arc lint + arc unit

Event Timeline

skreuzer updated this revision to Diff 19119.Aug 8 2016, 2:04 PM

skreuzer retitled this revision from to Write kern.randompid to /etc/sysctl.conf.

skreuzer updated this object.

skreuzer edited the test plan for this revision. (Show Details)

skreuzer added reviewers: adrian, allanjude, bdrewery, nwhitehorn, robak.

Herald added a subscriber: imp. · View Herald TranscriptAug 8 2016, 2:04 PM

Thanks for catching that!

This revision is now accepted and ready to land.Aug 8 2016, 2:06 PM

allanjude accepted this revision.Aug 9 2016, 2:09 PM

allanjude edited edge metadata.

allanjude added inline comments.

usr.sbin/bsdinstall/scripts/hardening
65	is there a reason this is 9999 not 99999?

@allanjude There is none, other than I don't know if 99999 is acceptable value for this sysctl, and from my experience and testing I know that 9999 is. If the higher number is acceptable as well, then I'm OK with changing it.

allanjude added inline comments.Aug 9 2016, 3:13 PM

usr.sbin/bsdinstall/scripts/hardening
65	it doesn't work the way I thought, so the current value is fine

skreuzer closed this revision.Aug 9 2016, 3:52 PM

Revision Contents
Changeset List

Path

Size

usr.sbin/

bsdinstall/

scripts/

hardening

5 lines

Diff 19119

View Options

usr.sbin/bsdinstall/scripts/hardening

Write kern.randompid to /etc/sysctl.confClosedPublicActions