git.ipfire.org Git - people/pmueller/ipfire-2.x.git/commit

]> git.ipfire.org Git - people/pmueller/ipfire-2.x.git/commit

projects / people / pmueller / ipfire-2.x.git / commit

author	Peter Müller <peter.mueller@link38.eu>
	Thu, 16 Aug 2018 15:29:58 +0000 (17:29 +0200)
committer	Michael Tremer <michael.tremer@ipfire.org>
	Sun, 9 Sep 2018 16:47:08 +0000 (17:47 +0100)
commit	d5fe33228311d47490536bee370297a7c735f9d6
tree	153adf3e2cfd276f1a8aadf2177bda9dc92c353e	tree \| snapshot
parent	65ae069c213a7fcd36d7857b15d863804984948d	commit \| diff

do not expose kernel address spaces even to privileged users

Change this setting from 1 to 2 so kernel addresses are not
displayed even if a user has CAPS_SYSLOG privileges.

See also:
- https://lwn.net/Articles/420403/
- https://tails.boum.org/contribute/design/kernel_hardening/

Signed-off-by: Peter Müller <peter.mueller@link38.eu>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

config/etc/sysctl.conf

diff | blob | blame | history

Peter's tree of IPFire 2.x

RSS Atom