Install-time "hardening" options

Ronald F. Guilmette rfg at
Thu Oct 12 21:32:18 UTC 2017

In message <21945e9b-6573-5f8d-9b6d-26bbb8bfd748 at>, 
Mike Tancsa <mike at> wrote:

>> (*)  Disable opening Syslogd network socket (disables remote logging)
>Is not the default -s and this options makes it -ss. "disable remote
>logging" as in the host you are configuring cannot send out messages to
>other syslogd servers.

Was that a question or a statement?

If you are assering that indeed, yes, star'ing this specific "hardening"
option just causes the local machine to -not- send -outbound- syslog
messages, then certainly, that is indeed a horse of a different color
from what I was talking about, which was -accepting- -inbound- syslog

At the very least, the wording on this option should be clarified to
make it apparent if the thing being disabled in this case is inbound
syslog messages or outbound ones.

More information about the freebsd-questions mailing list