CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

author	eadler <eadler@FreeBSD.org>
	Sat, 13 Jan 2018 09:28:43 +0000 (09:28 +0000)
committer	eadler <eadler@FreeBSD.org>
	Sat, 13 Jan 2018 09:28:43 +0000 (09:28 +0000)
commit	7f16f746e4ad409c6806abb47fb5b6b25f686564
tree	65e37841fa86186934a042b5c65646a3a6d53971	tree \| snapshot
parent	7f8a524b98b701f3277eaa49db54e59106bfab86	commit \| diff

MFC r324206:

bsdinstall(8) hardening menu: Utilize new kern.randompid=1 behaviour

Enabling the PID randomization option in bsdinstall(8)'s hardening menu
now randomizes the effective value of kern.randompid on each boot.

Previous behaviour:
When kern.randompid was enabled via the the bsdinstall(8) hardening menu,
a random value was generated and placed in the systems /etc/sysctl.conf as
kern.randompid=value
This makes the value of kern.randompid static across reboots.

New behaviour:
When kern.randompid is enabled via the bsdinstall(8) hardening menu, the
line kern.randompid=1 is placed in the systems /etc/sysctl.conf.
This takes advantage of a new kernel feature and makes the value of
kern.randompid be randomized by the kernel on each reboot.