expect value of sysctl:kernel.kptr_restrict to be 2 (#224)

from https://lwn.net/Articles/420403/: """ The %pK format specifier is designed to hide exposed kernel pointers, specifically via /proc interfaces. Exposing these pointers provides an easy target for kernel write vulnerabilities, since they reveal the locations of writable structures containing easily triggerable function pointers. The behavior of %pK depends on the kptr_restrict sysctl. […] If kptr_restrict is set to 2, kernel pointers using %pK are printed as 0's regardless of privileges. """
author: Lukas Pirl <github@lukas-pirl.de> 2016-07-11 11:11:18 +0300
committer: Michael Boelen <michael@cisofy.com> 2016-07-11 11:11:18 +0300
commit: 77634d578cb75dec1a8260ac896a156fd3555553 (patch)
tree: d6077ed8265b7bca91fbd96625486ce51469f32d /default.prf
parent: 74c9513fbb58e0769595ccbdf35f4a7a62f1ca87 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/default.prf b/default.prf
index f630269d..f2738c78 100644
--- a/default.prf
+++ b/default.prf
@@ -163,7 +163,7 @@ sysctl:kernel.core_uses_pid:1:1:XXX:
 sysctl:kernel.ctrl-alt-del:0:1:XXX:
 sysctl:kernel.exec-shield-randomize:1:1:XXX:
 sysctl:kernel.exec-shield:1:1:XXX:
-sysctl:kernel.kptr_restrict:1:1:Restrict access to kernel symbols:
+sysctl:kernel.kptr_restrict:2:1:Restrict access to kernel symbols:
 sysctl:kernel.sysrq:0:1:Disable magic SysRQ:
 sysctl:kernel.use-nx:0:1:XXX:
author	Lukas Pirl <github@lukas-pirl.de>	2016-07-11 11:11:18 +0300
committer	Michael Boelen <michael@cisofy.com>	2016-07-11 11:11:18 +0300
commit	77634d578cb75dec1a8260ac896a156fd3555553 (patch)
tree	d6077ed8265b7bca91fbd96625486ce51469f32d /default.prf
parent	74c9513fbb58e0769595ccbdf35f4a7a62f1ca87 (diff)