Project

General

Profile

Feature #8965

GUI interface for switchable security mitigations

Added by Ansley Barnes 9 months ago.

Status:
New
Priority:
Low
Assignee:
-
Category:
-
Target version:
-
Start date:
09/27/2018
Due date:
% Done:

0%

Estimated time:

Description

With the constellation of tunable workarounds for hardware-based security bugs, it might be helpful to build a table of switches (much like the current toggle for Kernel PTI) that allow firewall admins to easily see/toggle individual workarounds to manage risk vs. performance. Most of these bugs don't directly affect a generic firewall, but if, for example, a firewall is hosting SSH login users, the risk increases. These are easily settable via sysctl or the advanced/tunable interface, but for auditing purposes having a GUI might be nice.

From the thread:
https://forum.netgate.com/topic/135653/xg-1537-coreboot-update-issue/6

Also available in: Atom PDF