mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2025-01-22 02:17:04 +07:00
Code Issues Packages Projects Releases Wiki Activity

Disable unprivileged userfaultfd use again

Browse Source
This commit is contained in:
madaidan 2020-03-08 17:49:49 +00:00 committed by GitHub
parent efb2683cfc
commit 4d0de87f79
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
etc/sysctl.d/30_security-misc.conf
View File

@ -134,10 +134,8 @@ kernel.sysrq=132
## https://lkml.org/lkml/2019/4/15/890
dev.tty.ldisc_autoload=0
## Disable for now.
## https://forums.whonix.org/t/kernel-hardening/7296/406
## Restrict the userfaultfd() syscall to root as it can make heap sprays
## easier.
##
## https://duasynt.com/blog/linux-kernel-heap-spray
#vm.unprivileged_userfaultfd=0
vm.unprivileged_userfaultfd=0