Git-Mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2025-02-23 07:39:51 -05:00
Code Issues Packages Projects Releases Wiki Activity

undo io_uring related changes

Browse Source 
as these should be done in a separate pull request (if apprpriate)

https://github.com/Kicksecure/security-misc/pull/244#issuecomment-2238889062
This commit is contained in:
Patrick Schleizer 2024-07-19 07:20:59 -04:00
parent 8791aecb38
commit 9f53a0182b
No known key found for this signature in database
GPG Key ID: CB8D50BB77BB3C48
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -43,7 +43,7 @@ space, user space, core dumps, and swap space.
- Randomize the addresses (ASLR) for mmap base, stack, VDSO pages, and heap. - Randomize the addresses (ASLR) for mmap base, stack, VDSO pages, and heap.
- Provide the option to disable asynchronous I/O as `io_uring` has been the source - Disable asynchronous I/O as `io_uring` has been the source
of numerous kernel exploits (when using Linux kernel version >= 6.6). of numerous kernel exploits (when using Linux kernel version >= 6.6).
- Restrict usage of `ptrace()` to only processes with `CAP_SYS_PTRACE` as it - Restrict usage of `ptrace()` to only processes with `CAP_SYS_PTRACE` as it

2
usr/lib/sysctl.d/990-security-misc.conf
View File

@ -128,7 +128,7 @@ kernel.randomize_va_space=2
## ##
## Applicable when using Linux kernel >= 6.6 (retained here for future-proofing and completeness). ## Applicable when using Linux kernel >= 6.6 (retained here for future-proofing and completeness).
## ##
#kernel.io_uring_disabled=2 kernel.io_uring_disabled=2
## 2. User Space: ## 2. User Space:
## ##