Update presentation on user namespaces

raja-grewal 2024-12-18 03:36:09 +00:00 committed by GitHub
parent 0dff2cd28f
commit 3749f8ff09
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 23 additions and 24 deletions


@ -37,11 +37,11 @@ Kernel space:
- Entirely disable the SysRq key so that the Secure Attention Key (SAK)
can no longer be utilized. See [documentation](https://www.kicksecure.com/wiki/SysRq).
- Optional - Disable all use of user namespaces.
- Optional - Restrict user namespaces to `CAP_SYS_ADMIN` as they can lead to substantial
privilege escalation.
- Optional - Disable all use of user namespaces.
- Restrict kernel profiling and the performance events system to `CAP_PERFMON`.
- Force the kernel to panic on both "oopses", which can potentially indicate and thwart
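Review bot: the user-namespace bullets in this hunk read as two independent options, but "Disable all use of user namespaces" is the stricter setting and makes "Restrict user namespaces to `CAP_SYS_ADMIN`" moot when both are enabled. The rationale "as they can lead to substantial privilege escalation" is also attached only to the restriction bullet, although it applies to both. Suggest wording the disable bullet as the stricter alternative to the restriction (for example "Optional - Alternatively, disable all use of user namespaces") and stating the privilege-escalation rationale once for the pair. Naming the setting behind each bullet would also let readers map this list to the configuration file.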