HomeFreeBSD
Diffusion FreeBSD src repository - subversion rS327915

MFC r324206:
rS327915
Actions

Description

MFC r324206:

bsdinstall(8) hardening menu: Utilize new kern.randompid=1 behaviour

Enabling the PID randomization option in bsdinstall(8)'s hardening menu
now randomizes the effective value of kern.randompid on each boot.

Previous behaviour:
When kern.randompid was enabled via the the bsdinstall(8) hardening menu,
a random value was generated and placed in the systems /etc/sysctl.conf as
kern.randompid=value
This makes the value of kern.randompid static across reboots.

New behaviour:
When kern.randompid is enabled via the bsdinstall(8) hardening menu, the
line kern.randompid=1 is placed in the systems /etc/sysctl.conf.
This takes advantage of a new kernel feature and makes the value of
kern.randompid be randomized by the kernel on each reboot.

Details

Provenance
eadlerAuthored on
Parents
rS327914: sx: retry hard shared unlock just like in r327905 for rwlocks
Branches
Unknown
Tags
Unknown

Changes (2)

PathSize
stable/
11/
usr.sbin/
bsdinstall/
scripts/

rS327915

View Options

stable/11/

Loading...
View Options

stable/11/usr.sbin/bsdinstall/scripts/hardening

Loading...