Git-Mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2025-01-12 10:59:25 -05:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #63 from madaidan/ldisc_autoload

Browse Source 
Document ldisc_autoload better
This commit is contained in:
Patrick Schleizer 2020-02-15 19:43:05 +00:00 committed by GitHub
commit 4399a512be
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
etc/sysctl.d/30_security-misc.conf
View File

@ -126,7 +126,10 @@ net.ipv4.tcp_timestamps=0
## https://forums.whonix.org/t/sysrq-magic-sysrq-key/8079/
kernel.sysrq=132
## Restrict loading line disciplines to CAP_SYS_MODULE to prevent
## Restrict loading TTY line disciplines to CAP_SYS_MODULE to prevent
## unprivileged attackers from loading vulnerable line disciplines
## with the TIOCSETD ioctl to exploit them.
## with the TIOCSETD ioctl which has been used in exploits before
## such as https://a13xp0p0v.github.io/2017/03/24/CVE-2017-2636.html
##
## https://lkml.org/lkml/2019/4/15/890
dev.tty.ldisc_autoload=0