External/sysctl
1
0
Fork 0
mirror of https://github.com/k4yt3x/sysctl.git synced 2025-12-29 16:16:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update sysctl.conf

Browse Source 
update according to https://madaidans-insecurities.github.io/guides/linux-hardening.html#sysctl
This commit is contained in:
shenzhui007 2022-06-06 12:58:49 +08:00 committed by GitHub
parent 713183509d
commit 340f2a55de
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
sysctl.conf
View File

@ -288,3 +288,10 @@ net.ipv6.conf.all.accept_source_route = 0
#net.ipv6.icmp.echo_ignore_all = 1
#net.ipv6.icmp.echo_ignore_anycast = 1
#net.ipv6.icmp.echo_ignore_multicast = 1
# prevent unprivileged attackers from loading vulnerable line disciplines with the TIOCSETD ioctl
dev.tty.ldisc_autoload = 0
# disable syscall to the CAP_SYS_PTRACE capability
vm.unprivileged_userfaultfd = 0