diff options
author | Bertrand Jacquin <bertrand@jacquin.bzh> | 2019-09-16 23:41:14 +0100 |
---|---|---|
committer | Bertrand Jacquin <bertrand@jacquin.bzh> | 2019-09-16 23:41:14 +0100 |
commit | 69aabff79a2cece36dcbd43d583ef43ee2c8e423 (patch) | |
tree | b5354abd9a79311b3f75eca6e1186604506b29d8 | |
parent | eclass/linux-build: minor clarification (diff) | |
download | portage-69aabff79a2cece36dcbd43d583ef43ee2c8e423.tar.xz |
factory-default/sys-apps/baselayout: enable kernel.kptr_restrict sysctl
-rw-r--r-- | factory-default/sys-apps/baselayout/etc/sysctl.conf | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/factory-default/sys-apps/baselayout/etc/sysctl.conf b/factory-default/sys-apps/baselayout/etc/sysctl.conf index 5eba904b..9e2e1466 100644 --- a/factory-default/sys-apps/baselayout/etc/sysctl.conf +++ b/factory-default/sys-apps/baselayout/etc/sysctl.conf @@ -21,6 +21,10 @@ kernel.panic = 5 # randomization. kernel.randomize_va_space = 2 +# kernel pointers printed using the %pK format specifier will be replaced +# with 0's unless the user has CAP_SYSLOG +kernel.kptr_restrict = 1 + # Uses a "never overcommit" policy that attempts to prevent any overcommit # of memory vm.overcommit_memory = 2 |