factory-default/sys-apps/baselayout: enable kernel.kptr_restrict sysctl

author: Bertrand Jacquin <bertrand@jacquin.bzh> 2019-09-16 23:41:14 +0100
committer: Bertrand Jacquin <bertrand@jacquin.bzh> 2019-09-16 23:41:14 +0100
commit: 69aabff79a2cece36dcbd43d583ef43ee2c8e423 (patch)
tree: b5354abd9a79311b3f75eca6e1186604506b29d8 /factory-default
parent: eclass/linux-build: minor clarification (diff)
download: portage-69aabff79a2cece36dcbd43d583ef43ee2c8e423.tar.xz
1 files changed, 4 insertions, 0 deletions
diff --git a/factory-default/sys-apps/baselayout/etc/sysctl.conf b/factory-default/sys-apps/baselayout/etc/sysctl.conf
index 5eba904b..9e2e1466 100644
--- a/factory-default/sys-apps/baselayout/etc/sysctl.conf
+++ b/factory-default/sys-apps/baselayout/etc/sysctl.conf
@@ -21,6 +21,10 @@ kernel.panic = 5
 # randomization.
 kernel.randomize_va_space = 2
 
+# kernel pointers printed using the %pK format specifier will be replaced
+# with 0's unless the user has CAP_SYSLOG
+kernel.kptr_restrict = 1
+
 # Uses a "never overcommit" policy that attempts to prevent any overcommit
 # of memory
 vm.overcommit_memory = 2
author	Bertrand Jacquin <bertrand@jacquin.bzh>	2019-09-16 23:41:14 +0100
committer	Bertrand Jacquin <bertrand@jacquin.bzh>	2019-09-16 23:41:14 +0100
commit	69aabff79a2cece36dcbd43d583ef43ee2c8e423 (patch)
tree	b5354abd9a79311b3f75eca6e1186604506b29d8 /factory-default
parent	eclass/linux-build: minor clarification (diff)
download	portage-69aabff79a2cece36dcbd43d583ef43ee2c8e423.tar.xz