Index: config.c
===================================================================
RCS file: /home/ncvs/src/usr.sbin/sysinstall/config.c,v
retrieving revision 1.216
diff -u -r1.216 config.c
--- config.c	28 Sep 2003 05:21:23 -0000	1.216
+++ config.c	24 Nov 2003 01:26:10 -0000
@@ -547,63 +547,6 @@
     return DITEM_SUCCESS;
 }
 
-int
-configSecurityProfile(dialogMenuItem *self)
-{
-    WINDOW *w = savescr();
-
-    dialog_clear_norefresh();
-    dmenuOpenSimple(&MenuSecurityProfile, FALSE); 
-    restorescr(w);
-    return DITEM_SUCCESS;
-}
-
-/* Use the most extreme security settings */
-int
-configSecurityExtreme(dialogMenuItem *self)
-{
-    WINDOW *w = savescr();
-
-    variable_set2("sshd_enable", "NO", 1);
-    variable_set2("kern_securelevel_enable", "YES", 1);
-    variable_set2("kern_securelevel", "2", 1);
-
-    if (self)
-	msgConfirm("Extreme security settings have been selected.\n\n"
-	    "Sshd has been disabled, and kernel security levels have"
-	    "been enabled.\n\n"
-	    "PLEASE NOTE that this still does not save you from having\n"
-	    "to properly secure your system in other ways or exercise\n"
-	    "due diligence in your administration, this simply picks\n"
-	    "a more secure set of out-of-box defaults to start with.\n\n"
-	    "To change any of these settings later, edit /etc/rc.conf");
-
-    restorescr(w);
-    return DITEM_SUCCESS;
-}
-
-int
-configSecurityModerate(dialogMenuItem *self)
-{
-    WINDOW *w = savescr();
-
-    variable_set2("sshd_enable", "YES", 1);
-    variable_set2("kern_securelevel_enable", "NO", 1);
-
-    if (self)
-	msgConfirm("Moderate security settings have been selected.\n\n"
-	    "Sshd has been enabled and kernel securelevels are disabled;\n"
-	    "all other settings have been left intact.\n\n"
-            "PLEASE NOTE that this still does not save you from having\n"
-            "to properly secure your system in other ways or exercise\n"
-            "due diligence in your administration, this simply picks\n"
-            "a standard set of out-of-box defaults to start with.\n\n"
-	    "To change any of these settings later, edit /etc/rc.conf");
-
-    restorescr(w);
-    return DITEM_SUCCESS;
-}
-
 static void
 write_root_xprofile(char *str)
 {
Index: install.c
===================================================================
RCS file: /home/ncvs/src/usr.sbin/sysinstall/install.c,v
retrieving revision 1.348
diff -u -r1.348 install.c
--- install.c	19 Oct 2003 13:37:12 -0000	1.348
+++ install.c	24 Nov 2003 01:51:47 -0000
@@ -529,8 +529,6 @@
 
     if (DITEM_STATUS((i = installCommit(self))) == DITEM_SUCCESS) {
 	i |= DITEM_LEAVE_MENU;
-	/* Set default security level */
-	configSecurityModerate(NULL);
 
 	/* Give user the option of one last configuration spree */
 	installConfigure();
@@ -622,6 +620,10 @@
         configInetd(self);
 
     dialog_clear_norefresh();
+    if (!msgNoYes("Would you like to enable SSH login?"))
+	variable_set2("sshd_enable", "YES", 1);
+
+    dialog_clear_norefresh();
     if (!msgNoYes("Do you want to have anonymous FTP access to this machine?"))
 	configAnonFTP(self);
 
@@ -633,12 +635,6 @@
     if (!msgNoYes("Do you want to configure this machine as an NFS client?"))
 	variable_set2("nfs_client_enable", "YES", 1);
 
-    if (!msgNoYes("Do you want to select a default security profile for\n"
-	         "this host (select No for \"moderate\" security)?"))
-	configSecurityProfile(self);
-    else
-	configSecurityModerate(self);
-
 #ifdef WITH_SYSCONS
     dialog_clear_norefresh();
     if (!msgNoYes("Would you like to customize your system console settings?"))
@@ -720,9 +716,6 @@
 
     i = installCommit(self);
     if (DITEM_STATUS(i) == DITEM_SUCCESS) {
-	/* Set default security level */
-	configSecurityModerate(NULL);
-
 	/* Give user the option of one last configuration spree */
 	installConfigure();
 	return i;
Index: menus.c
===================================================================
RCS file: /home/ncvs/src/usr.sbin/sysinstall/menus.c,v
retrieving revision 1.381
diff -u -r1.381 menus.c
--- menus.c	20 Nov 2003 20:43:06 -0000	1.381
+++ menus.c	24 Nov 2003 01:53:05 -0000
@@ -1465,7 +1465,7 @@
 	dmenuVarCheck,	configRouter, NULL, "router_enable=YES" },
       { " Rwhod",	"This machine wants to run the rwho daemon",
 	dmenuVarCheck,	dmenuToggleVariable, NULL, "rwhod_enable=YES" },
-      { " Sshd",	"This machine wants to run the ssh daemon",
+      { " SSHd",	"This machine wants to run the SSH daemon",
 	dmenuVarCheck,	dmenuToggleVariable, NULL, "sshd_enable=YES" },
       { " TCP Extensions", "Allow RFC1323 and RFC1644 TCP extensions?",
 	dmenuVarCheck,	dmenuToggleVariable, NULL, "tcp_extensions=YES" },
@@ -2225,28 +2225,12 @@
     NULL,
     { { "X Exit",      "Exit this menu (returning to previous)",
 	checkTrue, dmenuExit, NULL, NULL, '<', '<', '<' },
-      { " Security Profile",   "Select a security profile for the system",
-	NULL, configSecurityProfile },
 #if 0
       { " LOMAC",         "Use Low Watermark Mandatory Access Control at boot",
 	dmenuVarCheck,  dmenuToggleVariable, NULL, "lomac_enable=YES" },
 #endif
       { " NFS port",	"Require that the NFS clients used reserved ports",
 	dmenuVarCheck,  dmenuToggleVariable, NULL, "nfs_reserved_port_only=YES" },
-      { NULL } },
-};
-
-DMenu MenuSecurityProfile = {
-    DMENU_NORMAL_TYPE | DMENU_SELECTION_RETURNS,
-    "Default system security profile",
-    "Each item in this list will set what it considers to\n"
-    "be \"appropriate\" values in that category for various\n"
-    "security-related knobs in /etc/rc.conf.",
-    "Select a canned security profile - F1 for help",
-    "security",						/* help file */
-    { { "X Exit",	"Exit this menu (returning to previous)", NULL, dmenuExit },
-      { "Moderate",	"Moderate security settings.", NULL, configSecurityModerate },
-      { "Extreme",	"Very restrictive security settings.", NULL, configSecurityExtreme },
       { NULL } },
 };
 
Index: sysinstall.h
===================================================================
RCS file: /home/ncvs/src/usr.sbin/sysinstall/sysinstall.h,v
retrieving revision 1.252
diff -u -r1.252 sysinstall.h
--- sysinstall.h	2 Nov 2003 08:58:57 -0000	1.252
+++ sysinstall.h	24 Nov 2003 01:32:21 -0000
@@ -452,7 +452,6 @@
 extern DMenu		MenuNetworkDevice;	/* Network device menu				*/
 extern DMenu		MenuNTP;		/* NTP time server menu				*/
 extern DMenu		MenuSecurity;		/* System security options menu			*/
-extern DMenu		MenuSecurityProfile;	/* Security profile menu			*/
 extern DMenu		MenuStartup;		/* Startup services menu			*/
 #ifdef WITH_SYSCONS
 extern DMenu		MenuSyscons;		/* System console configuration menu		*/
@@ -532,9 +531,6 @@
 extern int	configMTAExim(dialogMenuItem *self);
 extern int	configRpcBind(dialogMenuItem *self);
 extern int	configWriteRC_conf(dialogMenuItem *self);
-extern int	configSecurityProfile(dialogMenuItem *self);
-extern int	configSecurityExtreme(dialogMenuItem *self);
-extern int	configSecurityModerate(dialogMenuItem *self);
 extern int	configEtcTtys(dialogMenuItem *self);
 #ifdef __i386__
 extern int	checkLoaderACPI(void);