mirror of
https://github.com/Kicksecure/security-misc.git
synced 2024-10-01 08:25:45 -04:00
Merge remote-tracking branch 'origin/master'
This commit is contained in:
commit
63c6405ab7
2
debian/control
vendored
2
debian/control
vendored
@ -125,6 +125,8 @@ Description: enhances misc security settings
|
|||||||
Secure Attention Key.
|
Secure Attention Key.
|
||||||
.
|
.
|
||||||
* Restricts loading line disciplines to `CAP_SYS_MODULE`.
|
* Restricts loading line disciplines to `CAP_SYS_MODULE`.
|
||||||
|
.
|
||||||
|
* Restricts the `userfaultfd()` syscall to root.
|
||||||
.
|
.
|
||||||
Improve Entropy Collection
|
Improve Entropy Collection
|
||||||
.
|
.
|
||||||
|
@ -133,3 +133,9 @@ kernel.sysrq=132
|
|||||||
##
|
##
|
||||||
## https://lkml.org/lkml/2019/4/15/890
|
## https://lkml.org/lkml/2019/4/15/890
|
||||||
dev.tty.ldisc_autoload=0
|
dev.tty.ldisc_autoload=0
|
||||||
|
|
||||||
|
## Restrict the userfaultfd() syscall to root as it can make heap sprays
|
||||||
|
## easier.
|
||||||
|
##
|
||||||
|
## https://duasynt.com/blog/linux-kernel-heap-spray
|
||||||
|
vm.unprivileged_userfaultfd=0
|
||||||
|
Loading…
Reference in New Issue
Block a user