In this post I’m collecting snippets that make FreeBSD more secure.
I’ll be making updates to this post on an ongoing basis.

Do not allow unprivileged users to use the ptrace system call

To disable ptrace for unprivileged users, run as root:

sysctl security.bsd.unprivileged_proc_debug=0
echo 'security.bsd.unprivileged_proc_debug=0' >> /etc/sysctl.conf

More information: FreeBSD Security Advisory FreeBSD-SA-13:06.mmap [REVISED]