mirror of
https://github.com/Kicksecure/security-misc.git
synced 2024-12-24 16:49:23 -05:00
Disallow kernel profiling by users without CAP_SYS_ADMIN
It's the default on a lot of stuff, but still nice to have.
This commit is contained in:
parent
98c0decaa4
commit
944fed3c45
@ -145,3 +145,7 @@ vm.unprivileged_userfaultfd=0
|
||||
## - https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Performance_Tuning_Guide/s-memory-tunables.html
|
||||
## - https://en.wikipedia.org/wiki/Swappiness
|
||||
vm.swappiness=1
|
||||
|
||||
## Disallow kernel profiling by users without CAP_SYS_ADMIN
|
||||
## https://www.kernel.org/doc/Documentation/sysctl/kernel.txt
|
||||
kernel.perf_event_paranoid=3
|
||||
|
Loading…
Reference in New Issue
Block a user