mirror of https://git.FreeBSD.org/doc.git
99333306b8
Upgrade Security chapter as part of the Handbook Working Group. This is a first approximation, there are things to improve and add to the chapter, but we can continue from here :) Changes: - Move VPN over IPSec to an article, in the future we will add too OpenVPN (DCO) and WireGuard to the article - Rework Securing Accounts section - Upgrade Password Hashes algorithms - Improve sudo/doas section - Add new Intrusion Detection System (IDS) section - Add new Secure levels section - Add new File flags section - Rework OpenSSH and OpenSSL sections - Rework Access Control Lists and add NFSv4 ACLs - Add Capsicum introduction section - Upgrade Resource Limits section - Improve Asciidoc syntax Documentation checked: - https://man.freebsd.org/security - https://calomel.org/ids_mtree.html - https://calomel.org/openssh.html - https://calomel.org/openssh_distributed.html - https://man.freebsd.org/cgi/man.cgi?query=chflags&sektion=1&apropos=0&manpath=FreeBSD+13.2-RELEASE+and+Ports - https://www.cyberciti.biz/tips/howto-write-protect-file-with-immutable-bit.html - https://wiki.gentoo.org/wiki/Doas - https://people.freebsd.org/~dannyboy/articles/freebsd_acls.pdf - https://wiki.freebsd.org/NFSv4_ACLs - https://man.freebsd.org/cgi/man.cgi?setfacl Reviewed by: emaste, karels, philip (first draft) Differential Revision: https://reviews.freebsd.org/D41620 Sponsored by: Daifressh |
||
|---|---|---|
| .. | ||
| mailing-lists.adoc | ||
| teams.adoc | ||
| urls.adoc | ||