Hi all,
I'm working through the Lynis results on a fresh FreeBSD install and need info about the likely background of this:
KRNL-6000 Disable changing the keymap by non-privileged users: hw.kbd.keymap_restrict_change
Default value: 0 (no restrictions on keyboard reconfiguration)
Preferred value: 4 (don't allow any keyboard reconfiguration except for root)
I am seeing a buffer overflow CVE for FreeBSD 10 and before, and restricting keyboard reconfiguration eliminates the thread.
Is that the only reason why Lynis is reporting this, or are there other factors I should consider?
On a side note, I don't see hw.kbd.keymap_restrict_change documented on the sysctl manpages; where are such settings documented?
I'm working through the Lynis results on a fresh FreeBSD install and need info about the likely background of this:
KRNL-6000 Disable changing the keymap by non-privileged users: hw.kbd.keymap_restrict_change
Default value: 0 (no restrictions on keyboard reconfiguration)
Preferred value: 4 (don't allow any keyboard reconfiguration except for root)
I am seeing a buffer overflow CVE for FreeBSD 10 and before, and restricting keyboard reconfiguration eliminates the thread.
Is that the only reason why Lynis is reporting this, or are there other factors I should consider?
On a side note, I don't see hw.kbd.keymap_restrict_change documented on the sysctl manpages; where are such settings documented?