mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2025-01-28 08:31:09 +07:00
Code Issues Packages Projects Releases Wiki Activity

Restrict loading line disciplines to CAP_SYS_MODULE

Browse Source
This commit is contained in:
madaidan 2020-02-14 17:50:19 +00:00 committed by GitHub
parent ad6b766886
commit 0ea7dd161b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
etc/sysctl.d/30_security-misc.conf
View File

@ -118,3 +118,8 @@ net.ipv4.conf.all.rp_filter=1
net.ipv4.tcp_timestamps=0
#### meta end
## Restrict loading line disciplines to CAP_SYS_MODULE to prevent
## unprivileged attackers from loading vulnerable line disciplines
## with the TIOCSETD ioctl to exploit them.
dev.tty.ldisc_autoload=0