Set kptr_restrict to 2.
To make writing kernel exploits harder, set /proc/sys/kernel/kptr_restrict to "2". This prohibits users from accessing kernel symbols via /proc/kallsyms Bug: 5555668 Change-Id: Ib31cb6fcb4d212a0b570ce9e73ae31f721ed801b
This commit is contained in:
parent
06286288ef
commit
2e7c833279
|
@ -65,6 +65,7 @@ loglevel 3
|
|||
write /proc/sys/kernel/sched_compat_yield 1
|
||||
write /proc/sys/kernel/sched_child_runs_first 0
|
||||
write /proc/sys/kernel/randomize_va_space 2
|
||||
write /proc/sys/kernel/kptr_restrict 2
|
||||
|
||||
# Create cgroup mount points for process groups
|
||||
mkdir /dev/cpuctl
|
||||
|
|
Loading…
Reference in New Issue