configuration-templates
/sysctl/10-security.conf |
---|
@@ -0,0 +1,10 @@ |
# The contents of /proc/<pid>/maps and smaps files are only visible to |
# readers that are allowed to ptrace() the process |
kernel.maps_protect = 1 |
# Enable ExecShield protection |
kernel.exec-shield = 1 |
kernel.randomize_va_space = 2 |
# Hide exposed kernel pointers |
kernel.kptr_restrict = 1 |