Merge pull request #143 from monsieuremre/patch-6

new lines 990-security-misc.conf
This commit is contained in:
Patrick Schleizer 2023-11-01 10:30:26 -04:00 committed by GitHub
commit b7cddd6e55
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -14,6 +14,14 @@ kernel.core_pattern=|/bin/false
## Restricts the kernel log to root only.
kernel.dmesg_restrict=1
## Does not set coredump name to 'core' which is default. Defense in depth.
kernel.core_uses_pid=1
## A martian packet is a one with a source address which is blatantly wrong
## Recommended to keep a log of these to identify these suspicious packets
net.ipv4.conf.all.log_martians=1
net.ipv4.conf.default.log_martians=1
## Don't allow writes to files that we don't own
## in world writable sticky directories, unless
## they are owned by the owner of the directory.