External/sysctl
1
0
Fork 0
mirror of https://github.com/k4yt3x/sysctl.git synced 2025-12-23 12:46:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #5 from HorlogeSkynet/master

Browse Source 
added recommendations from ANSSI
This commit is contained in:
K4YT3X 2021-06-07 17:55:37 -04:00 committed by GitHub
commit 50d77687e4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
sysctl.conf
View File

@ -63,6 +63,11 @@ kernel.pid_max = 4194304
# reboot machine after kernel panic # reboot machine after kernel panic
#kernel.panic = 10 #kernel.panic = 10
# restrict perf subsystem usage
kernel.perf_event_paranoid = 2
kernel.perf_cpu_time_max_percent = 1
kernel.perf_event_max_sample_rate = 1
########## File System ########## ########## File System ##########
# disallow core dumping by SUID/SGID programs # disallow core dumping by SUID/SGID programs
@ -101,6 +106,9 @@ fs.inotify.max_user_watches = 524288
########## Virtualization ########## ########## Virtualization ##########
# do not allow mmap in lower addresses
vm.mmap_min_addr = 65536
# improve mmap ASLR effectness # improve mmap ASLR effectness
vm.mmap_rnd_bits=32 vm.mmap_rnd_bits=32
vm.mmap_rnd_compat_bits=16 vm.mmap_rnd_compat_bits=16