Git-Mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2025-05-08 22:25:03 -04:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request from madaidan/patch-22

Browse source 
Require all loaded kernel modules to be signed with a valid key.
This commit is contained in:
Patrick Schleizer 2019-08-14 06:59:34 +00:00 committed by GitHub
commit a8ea379526
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 0 deletions

3
etc/default/grub.d/40_only_allow_signed_modules.cfg Normal file
View file

@ -0,0 +1,3 @@
# Requires every module to be signed before being loaded. Any module that is unsigned or signed with an invalid key cannot be loaded.
# This makes it harder to load a malicious module.
GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX module.sig_enforce=1"