From a79ce7fa68c22048d3e10789fe209b14b818d0fb Mon Sep 17 00:00:00 2001
From: madaidan <50278627+madaidan@users.noreply.github.com>
Date: Sat, 15 Feb 2020 17:30:21 +0000
Subject: [PATCH] Document ldisc_autoload better

---
 etc/sysctl.d/30_security-misc.conf | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/etc/sysctl.d/30_security-misc.conf b/etc/sysctl.d/30_security-misc.conf
index 846670e..d14b46d 100644
--- a/etc/sysctl.d/30_security-misc.conf
+++ b/etc/sysctl.d/30_security-misc.conf
@@ -126,7 +126,10 @@ net.ipv4.tcp_timestamps=0
 ## https://forums.whonix.org/t/sysrq-magic-sysrq-key/8079/
 kernel.sysrq=132
 
-## Restrict loading line disciplines to CAP_SYS_MODULE to prevent
+## Restrict loading TTY line disciplines to CAP_SYS_MODULE to prevent
 ## unprivileged attackers from loading vulnerable line disciplines
-## with the TIOCSETD ioctl to exploit them.
+## with the TIOCSETD ioctl which has been used in exploits before
+## such as https://a13xp0p0v.github.io/2017/03/24/CVE-2017-2636.html
+##
+## https://lkml.org/lkml/2019/4/15/890
 dev.tty.ldisc_autoload=0
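Review bot: The expanded comment above `dev.tty.ldisc_autoload=0` explains the threat but still leaves the knob's scope undocumented: it only stops the kernel from auto-loading line-discipline modules on demand, so line disciplines that are built into the kernel or already loaded remain selectable through TIOCSETD, and it does not restrict anything for CAP_SYS_MODULE holders. Suggest adding `## Only blocks on-demand autoloading of line discipline modules; built-in or` and `## already-loaded line disciplines are unaffected.` before the setting so readers do not assume TIOCSETD itself is blocked. The sysctl is also fairly recent (the linked LKML thread is from April 2019), so on older kernels sysctl will presumably report this key as unknown when applying the file; a line stating the minimum kernel version that provides it would help operators triage that error.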