Hi, during FreeBSD install process, one of last menu asks for some security settings, eg.
and so on.
I am pretty unshure is this is the same of using "MAC" capabilities, as described in Handbook's Chapter 15.
When I select the above features during install, I found some entries in /etc/sysctl.conf, eg.
With MAC, it seems the same goal is achieved by:
in /boot/loader.conf
I am a bit confused.
Thank you!
Code:
Hide processes running as other users
Hide processes running as other groups
Disable reading kernel messages buffer for unprivileged users
and so on.
I am pretty unshure is this is the same of using "MAC" capabilities, as described in Handbook's Chapter 15.
When I select the above features during install, I found some entries in /etc/sysctl.conf, eg.
Code:
security.bsd.see_other_uids=0
With MAC, it seems the same goal is achieved by:
Code:
mac_seeotheruids_load="YES"
in /boot/loader.conf
I am a bit confused.
Thank you!