mirror of
https://github.com/Kicksecure/security-misc.git
synced 2024-10-01 08:25:45 -04:00
Merge remote-tracking branch 'origin/master'
This commit is contained in:
commit
63c6405ab7
2
debian/control
vendored
2
debian/control
vendored
@ -125,6 +125,8 @@ Description: enhances misc security settings
|
||||
Secure Attention Key.
|
||||
.
|
||||
* Restricts loading line disciplines to `CAP_SYS_MODULE`.
|
||||
.
|
||||
* Restricts the `userfaultfd()` syscall to root.
|
||||
.
|
||||
Improve Entropy Collection
|
||||
.
|
||||
|
@ -133,3 +133,9 @@ kernel.sysrq=132
|
||||
##
|
||||
## https://lkml.org/lkml/2019/4/15/890
|
||||
dev.tty.ldisc_autoload=0
|
||||
|
||||
## Restrict the userfaultfd() syscall to root as it can make heap sprays
|
||||
## easier.
|
||||
##
|
||||
## https://duasynt.com/blog/linux-kernel-heap-spray
|
||||
vm.unprivileged_userfaultfd=0
|
||||
|
Loading…
Reference in New Issue
Block a user