mirror of
https://github.com/Kicksecure/security-misc.git
synced 2024-10-01 08:25:45 -04:00
Merge remote-tracking branch 'origin/master'
This commit is contained in:
commit
3fae8e771f
3
debian/control
vendored
3
debian/control
vendored
@ -113,6 +113,9 @@ Description: enhances misc security settings
|
|||||||
a target for ROP.
|
a target for ROP.
|
||||||
.
|
.
|
||||||
* Page allocator freelist randomization is enabled.
|
* Page allocator freelist randomization is enabled.
|
||||||
|
.
|
||||||
|
* The vivid kernel module is blacklisted as it's only required for testing and
|
||||||
|
has been the cause of multiple vulnerabilities.
|
||||||
.
|
.
|
||||||
Improve Entropy Collection
|
Improve Entropy Collection
|
||||||
.
|
.
|
||||||
|
10
etc/modprobe.d/vivid.conf
Normal file
10
etc/modprobe.d/vivid.conf
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
## Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP <adrelanos@riseup.net>
|
||||||
|
## See the file COPYING for copying conditions.
|
||||||
|
|
||||||
|
## Blacklists the vivid kernel module as it's only required for
|
||||||
|
## testing and has been the cause of multiple vulnerabilities.
|
||||||
|
##
|
||||||
|
## https://forums.whonix.org/t/kernel-recompilation-for-better-hardening/7598/233
|
||||||
|
## https://www.openwall.com/lists/oss-security/2019/11/02/1
|
||||||
|
## https://github.com/a13xp0p0v/kconfig-hardened-check/commit/981bd163fa19fccbc5ce5d4182e639d67e484475
|
||||||
|
install vivid /bin/false
|
Loading…
Reference in New Issue
Block a user