Securelevels (sysctl kern.securelevel) provide a mechanism to limit the effects of root compromise on a running machine. In theory, the higher the securelevel, the more restricted uid 0 is. However, the current securelevel limits provide little or no protection against a root compromise beyond a single boot, as it is difficult to prevent root from modifying files that are used prior to the raising of the securelevel (such as system libraries and configuration scripts).

As part of the FreeBSD Hardening Project, we hope to identify key points of weakness in the current securelevel implementation, and attempt to make improvements. This will include:
