Merge pull request #75 from flawedworld/patch-1

Blacklist more modules (based on OpenSCAP for RHEL 8)
This commit is contained in:
Patrick Schleizer 2020-09-28 14:24:15 +00:00 committed by GitHub
commit 3684ab585e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -44,6 +44,14 @@ install appletalk /bin/false
install psnap /bin/false
install p8023 /bin/false
install p8022 /bin/false
install can /bin/false
install atm /bin/false
# Disable uncommon filesystems to reduce attack surface
install cramfs /bin/false
install vfat /bin/false
install squashfs /bin/false
install udf /bin/false
## Blacklists the vivid kernel module as it's only required for
## testing and has been the cause of multiple vulnerabilities.