Git-Mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2025-02-03 13:19:58 -05:00
Code Issues Packages Projects Releases Wiki Activity

Minor consistency update in README.md

Browse Source
This commit is contained in:
Raja Grewal 2024-08-09 13:39:25 +10:00
parent 15c638acad
commit 3456f1c1d7
No known key found for this signature in database
GPG Key ID: 92CA473C156B64C4
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
README.md
View File

@ -56,6 +56,8 @@ space, user space, core dumps, and swap space.
enables programs to inspect and modify other active processes. Provide the enables programs to inspect and modify other active processes. Provide the
option to entirely disable the use of `ptrace()` for all processes. option to entirely disable the use of `ptrace()` for all processes.
- Maximize the bits of entropy used for mmap ASLR across all architectures.
- Prevent hardlink and symlink TOCTOU races in world-writable directories. - Prevent hardlink and symlink TOCTOU races in world-writable directories.
- Disallow unintentional writes to files in world-writable directories unless - Disallow unintentional writes to files in world-writable directories unless
@ -146,6 +148,8 @@ configuration file.
- Provide the option to modify machine check exception handler. - Provide the option to modify machine check exception handler.
- Disallow sensitive kernel information leaks in the console during boot.
- Enable the kernel Electric-Fence sampling-based memory safety error detector - Enable the kernel Electric-Fence sampling-based memory safety error detector
which can identify heap out-of-bounds access, use-after-free, and invalid-free errors. which can identify heap out-of-bounds access, use-after-free, and invalid-free errors.
@ -169,9 +173,6 @@ configuration file.
- Provide the option to disable the entire IPv6 stack to reduce attack surface. - Provide the option to disable the entire IPv6 stack to reduce attack surface.
Disallow sensitive kernel information leaks in the console during boot. See
the `/etc/default/grub.d/41_quiet_boot.cfg` configuration file.
### Kernel Modules ### Kernel Modules
#### Kernel Module Signature Verification #### Kernel Module Signature Verification