Sysctl: Difference between revisions
From Hackepedia
Jump to navigationJump to search
No edit summary |
link |
||
| (3 intermediate revisions by one other user not shown) | |||
| Line 1: | Line 1: | ||
Sysctl - get or set kernel state | Sysctl - get or set [[kernel]] state | ||
To see a specific kernel state: | To see a specific kernel state: | ||
| Line 24: | Line 24: | ||
some popular ones you might want to check out: | some popular ones you might want to check out: | ||
net.inet. | net.inet.ip.forwarding: Enable IP forwarding between interfaces # To allow your computer to act as a [[router]] | ||
kern.securelevel: Current secure level # You can only increase this number. | |||
kern.randompid: Chooses a random pid number when a new process is forked, as OpenBSD does by default. | |||
Latest revision as of 09:12, 28 March 2013
Sysctl - get or set kernel state
To see a specific kernel state:
$ sysctl security.bsd.see_other_uids security.bsd.see_other_uids: 1
What does the tunable do?
$ sysctl -d security.bsd.see_other_uids security.bsd.see_other_uids: Unprivileged processes may see subjects/objects with different real uid
To change the status of this tunable:
# sysctl security.bsd.see_other_uids=0 security.bsd.see_other_uids: 1 -> 0
We have now changed the system settings to prevent users from seeing information about processes that are being run under another UID.
To list all the currently available non-opaque values:
$ sysctl -a
some popular ones you might want to check out:
net.inet.ip.forwarding: Enable IP forwarding between interfaces # To allow your computer to act as a router
kern.securelevel: Current secure level # You can only increase this number.
kern.randompid: Chooses a random pid number when a new process is forked, as OpenBSD does by default.
