HardenedBSD issueshttps://git.hardenedbsd.org/hardenedbsd/HardenedBSD/-/issues2023-05-01T19:59:12Zhttps://git.hardenedbsd.org/hardenedbsd/HardenedBSD/-/issues/84Add OpenBSD's "doas" to the base2023-05-01T19:59:12ZMr. UNIXAdd OpenBSD's "doas" to the base`doas` is a command line utility that OpenBSD has which is similar to `sudo` but has a smaller codebase.
I believe it would be a great idea to include it into HardenedBSD's base, what do other people here think?`doas` is a command line utility that OpenBSD has which is similar to `sudo` but has a smaller codebase.
I believe it would be a great idea to include it into HardenedBSD's base, what do other people here think?https://git.hardenedbsd.org/hardenedbsd/HardenedBSD/-/issues/85Disable Root Account2023-05-01T18:15:56ZMr. UNIXDisable Root AccountRoot account add a significant attack surface and disabling it is a very good security practice.
I believe it would be a great idea to do that by default, what do others think about this?Root account add a significant attack surface and disabling it is a very good security practice.
I believe it would be a great idea to do that by default, what do others think about this?https://git.hardenedbsd.org/hardenedbsd/HardenedBSD/-/issues/58Potentially bad idea: investigate using arc4random(3) for rand(3)2021-08-21T00:55:42ZShawn WebbPotentially bad idea: investigate using arc4random(3) for rand(3)I wonder what, if any, issues this may cause. The rand(3) API is meant to produce reproducible output when using the same seed. Using arc4random would break such determinism. I what what ramifications this has in 2021.I wonder what, if any, issues this may cause. The rand(3) API is meant to produce reproducible output when using the same seed. Using arc4random would break such determinism. I what what ramifications this has in 2021.