Security Profile support was removed from sysinstall 3 years ago, so

also remove the section in the Handbook. PR: docs/106494 Submitted by: Niclas Zeising <niclas.zeising@gmail.com>
svn path=/head/; revision=29275
2006-12-25 16:10:13 +00:00 · 2006-12-25 16:10:13 +00:00 · 0ed9419586 · 2020-12-08 03:00:23 +00:00
commit 0ed9419586
parent ca0c6b3177
1 changed files with 0 additions and 178 deletions
--- a/en_US.ISO8859-1/books/handbook/install/chapter.sgml
+++ b/en_US.ISO8859-1/books/handbook/install/chapter.sgml
@ -2650,184 +2650,6 @@ Press [Enter] now to invoke an editor on /etc/exports
      </sect3>
    </sect2>

-    <sect2 id="securityprofile">
-      <title>Security Profile</title>
-
-      <para>A <quote>security profile</quote> is a set of
-	configuration options that attempts to achieve the desired
-	ratio of security to convenience by enabling and disabling
-	certain programs and other settings.  The more severe the
-	security profile, the fewer programs will be enabled by
-	default.  This is one of the basic principles of security: do
-	not run anything except what you must.</para>
-
-      <para>Please note that the security profile is just a default
-	setting.  All programs can be enabled and disabled after you
-	have installed FreeBSD by editing or adding the appropriate
-	line(s) to <filename>/etc/rc.conf</filename>.  For more
-	information, please see the &man.rc.conf.5; manual
-	page.</para>
-
-      <para>The following table describes what each of the security
-	profiles does.  The columns are the choices you have for a
-	security profile, and the rows are the program or feature that
-	the profile enables or disables.</para>
-
-      <table>
-	<title>Possible Security Profiles</title>
-
-	<tgroup cols=3>
-	  <thead>
-	    <row>
-	      <entry></entry>
-
-	      <entry>Extreme</entry>
-
-	      <entry>Moderate</entry>
-	    </row>
-	  </thead>
-
-	  <tbody>
-
-	    <row>
-	      <entry>&man.sendmail.8;</entry>
-
-	      <entry>NO</entry>
-
-	      <entry>YES</entry>
-	    </row>
-
-	    <row>
-	      <entry>&man.sshd.8;</entry>
-
-	      <entry>NO</entry>
-
-	      <entry>YES</entry>
-	    </row>
-
-	    <row>
-	      <entry>&man.portmap.8;</entry>
-
-	      <entry>NO</entry>
-
-	      <entry>MAYBE
-		<footnote>
-		  <para>The portmapper is enabled if the machine has
-		    been configured as an NFS client or server earlier
-		    in the installation.</para>
-		</footnote>
-	      </entry>
-	    </row>
-
-	    <row>
-	      <entry>NFS server</entry>
-
-	      <entry>NO</entry>
-
-	      <entry>YES</entry>
-	    </row>
-
-	    <row>
-	      <entry>&man.securelevel.8;</entry>
-
-	      <entry>YES
-		<footnote>
-		  <para>If you choose a security profile that sets the
-		    securelevel to <quote>Extreme</quote> or
-		    <quote>High</quote>, you must be aware of the
-		    implications.  Please read the &man.init.8;
-		    manual page and pay particular attention to the
-		    meanings of the security levels, or you may have
-		    significant trouble later!</para>
-		</footnote>
-	      </entry>
-
-	      <entry>NO</entry>
-	    </row>
-	  </tbody>
-	</tgroup>
-      </table>
-
-      <screen>                       User Confirmation Requested
- Do you want to select a default security profile for this host (select
- No for "medium" security)? 
-
-                            [ Yes ]    No</screen>
-
-      <para>Selecting &gui.no; and pressing
-	<keycap>Enter</keycap> will set the security profile to medium.</para>
-
-      <para>Selecting &gui.yes; and pressing
-	<keycap>Enter</keycap> will allow selecting a different security
-	profile.</para>
-
-      <figure id="security-profile">
-	<title>Security Profile Options</title>
-
-	<mediaobject>
-	  <imageobject>
-	    <imagedata fileref="install/security" format="PNG">
-	  </imageobject>
-	</mediaobject>
-      </figure>
-
-      <para>Press <keycap>F1</keycap> to display the help.  Press
-	<keycap>Enter</keycap> to return to selection menu.</para>
-
-      <para>Use the arrow keys to choose <guimenuitem>Medium</guimenuitem>
-	unless your are sure that another level is required for your needs.
-	With &gui.ok; highlighted, press
-	<keycap>Enter</keycap>.</para>
-
-      <para>An appropriate confirmation message will display depending on
-	which security setting was chosen.</para>
-
-      <screen>                                 Message
-
-Moderate security settings have been selected.
-
-Sendmail and SSHd have been enabled, securelevels are
-disabled, and NFS server setting have been left intact.
-PLEASE NOTE that this still does not save you from having
-to properly secure your system in other ways or exercise
-due diligence in your administration, this simply picks
-a standard set of out-of-box defaults to start with.
-
-To change any of these settings later, edit /etc/rc.conf
-
-                                  [OK]</screen>
-
-      <screen>                                 Message
-
-Extreme security settings have been selected.
-
-Sendmail, SSHd, and NFS services have been disabled, and
-securelevels have been enabled.
-PLEASE NOTE that this still does not save you from having
-to properly secure your system in other ways or exercise
-due diligence in your administration, this simply picks
-a more secure set of out-of-box defaults to start with.
-
-To change any of these settings later, edit /etc/rc.conf
-
-                                  [OK]</screen>
-
-      <para>Press <keycap>Enter</keycap> to continue with the
-	post-installation configuration.</para>
-
-      <warning>
-	<para>The security profile is not a silver bullet!  Even if
-	  you use the extreme setting, you need to keep up with
-	  security issues by reading an appropriate mailing
-	  list (<xref linkend="eresources-mail">),
-	  using good passwords and passphrases, and
-	  generally adhering to good security practices.  It simply
-	  sets up the desired security to convenience ratio out of the
-	  box.</para>
-      </warning>
-
-    </sect2>
-
    <sect2 id="console">
      <title>System Console Settings</title>