Actions
Feature #8965
closedGUI interface for switchable security mitigations
Status:
Resolved
Priority:
Low
Assignee:
-
Category:
Web Interface
Target version:
-
Start date:
09/27/2018
Due date:
% Done:
0%
Estimated time:
Plus Target Version:
Release Notes:
Description
With the constellation of tunable workarounds for hardware-based security bugs, it might be helpful to build a table of switches (much like the current toggle for Kernel PTI) that allow firewall admins to easily see/toggle individual workarounds to manage risk vs. performance. Most of these bugs don't directly affect a generic firewall, but if, for example, a firewall is hosting SSH login users, the risk increases. These are easily settable via sysctl or the advanced/tunable interface, but for auditing purposes having a GUI might be nice.
From the thread:
https://forum.netgate.com/topic/135653/xg-1537-coreboot-update-issue/6
Actions