From e9e9215314cca1d7e4cc6117458bd88de1109c6d Mon Sep 17 00:00:00 2001
From: Bertrand Jacquin <bertrand@jacquin.bzh>
Date: Sat, 28 Sep 2019 23:36:46 +0100
Subject: factory-default/sys-apps/baselayout: set kernel.kptr_restrict=2

---
 factory-default/sys-apps/baselayout/etc/sysctl.conf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'factory-default')

diff --git a/factory-default/sys-apps/baselayout/etc/sysctl.conf b/factory-default/sys-apps/baselayout/etc/sysctl.conf
index 39478f65..b49c7bce 100644
--- a/factory-default/sys-apps/baselayout/etc/sysctl.conf
+++ b/factory-default/sys-apps/baselayout/etc/sysctl.conf
@@ -22,8 +22,8 @@ kernel.panic = 5
 kernel.randomize_va_space = 2
 
 # kernel pointers printed using the %pK format specifier will be replaced
-# with 0's unless the user has CAP_SYSLOG
-kernel.kptr_restrict = 1
+# with 0's regardless of privileges
+kernel.kptr_restrict = 2
 
 # Do not allow O_CREAT open on regular files that we don't own in world
 # writable sticky directories, unless they are owned by the owner of the
-- 
cgit v1.2.3