Sysctl: Difference between revisions
From Hackepedia
Jump to navigationJump to search
No edit summary |
m added kern.randompid |
||
Line 27: | Line 27: | ||
kern.securelevel: Current secure level # You can only increase this number. | kern.securelevel: Current secure level # You can only increase this number. | ||
kern.randompid: Chooses a random pid number when a new process is forked, as OpenBSD does by default. |
Revision as of 16:11, 24 February 2006
Sysctl - get or set kernel state
To see a specific kernel state:
$ sysctl security.bsd.see_other_uids security.bsd.see_other_uids: 1
What does the tunable do?
$ sysctl -d security.bsd.see_other_uids security.bsd.see_other_uids: Unprivileged processes may see subjects/objects with different real uid
To change the status of this tunable:
# sysctl security.bsd.see_other_uids=0 security.bsd.see_other_uids: 1 -> 0
We have now changed the system settings to prevent users from seeing information about processes that are being run under another UID.
To list all the currently available non-opaque values:
$ sysctl -a
some popular ones you might want to check out:
net.inet.ip.forwarding: Enable IP forwarding between interfaces # To allow your computer to act as a router
kern.securelevel: Current secure level # You can only increase this number.
kern.randompid: Chooses a random pid number when a new process is forked, as OpenBSD does by default.