Changeset View
Changeset View
Standalone View
Standalone View
share/man/man7/security.7
Show First 20 Lines • Show All 533 Lines • ▼ Show 20 Lines | |||||
(if your platform has it) may not be opened at all; | (if your platform has it) may not be opened at all; | ||||
kernel modules (see | kernel modules (see | ||||
.Xr kld 4 ) | .Xr kld 4 ) | ||||
may not be loaded or unloaded. | may not be loaded or unloaded. | ||||
The kernel debugger may not be entered using the | The kernel debugger may not be entered using the | ||||
.Va debug.kdb.enter | .Va debug.kdb.enter | ||||
sysctl. | sysctl. | ||||
A panic or trap cannot be forced using the | A panic or trap cannot be forced using the | ||||
.Va debug.kdb.panic | .Va debug.kdb.panic , | ||||
.Va debug.kdb.panic_str | |||||
lwhsu: Don't forget to bump `.Dd` | |||||
and other sysctl's. | and other sysctl's. | ||||
.It Ic 2 | .It Ic 2 | ||||
Highly secure mode \- same as secure mode, plus disks may not be | Highly secure mode \- same as secure mode, plus disks may not be | ||||
opened for writing (except by | opened for writing (except by | ||||
.Xr mount 2 ) | .Xr mount 2 ) | ||||
whether mounted or not. | whether mounted or not. | ||||
This level precludes tampering with file systems by unmounting them, | This level precludes tampering with file systems by unmounting them, | ||||
but also inhibits running | but also inhibits running | ||||
▲ Show 20 Lines • Show All 559 Lines • Show Last 20 Lines |
Don't forget to bump .Dd