Sysctl: Difference between revisions
From Hackepedia
Jump to navigationJump to search
No edit summary |
No edit summary |
||
| Line 23: | Line 23: | ||
some popular ones you might want to check out: | some popular ones you might want to check out: | ||
net.inet.ip.forwarding: Enable IP forwarding between interfaces # To allow your computer to act as a [[router]] | net.inet.ip.forwarding: Enable IP forwarding between interfaces # To allow your computer to act as a [[router]] | ||
kern.securelevel: Current secure level # You can only increase this number. | kern.securelevel: Current secure level # You can only increase this number. | ||
Revision as of 16:19, 29 November 2005
Sysctl - get or set kernel state
To see a specific kernel state:
$ sysctl security.bsd.see_other_uids security.bsd.see_other_uids: 1
What does the tunable do?
$ sysctl -d security.bsd.see_other_uids security.bsd.see_other_uids: Unprivileged processes may see subjects/objects with different real uid
To change the status of this tunable:
# sysctl security.bsd.see_other_uids=0 security.bsd.see_other_uids: 1 -> 0
We have now changed the system settings to prevent users from seeing information about processes that are being run under another UID.
To list all the currently available non-opaque values:
$ sysctl -a
some popular ones you might want to check out:
net.inet.ip.forwarding: Enable IP forwarding between interfaces # To allow your computer to act as a router
kern.securelevel: Current secure level # You can only increase this number.
