Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/CISOfy/lynis.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/default.prf
diff options
context:
space:
mode:
authorMichael Boelen <michael.boelen@cisofy.com>2016-08-18 15:52:15 +0300
committerMichael Boelen <michael.boelen@cisofy.com>2016-08-18 15:52:15 +0300
commitaf00c1e8d1037a2b554a451845c113ecb52a8279 (patch)
tree8c37a481b740ee642870ce6fdef88513e36cd225 /default.prf
parentd95ab3d253417b8030ee4d9620bd7ed06c4f28e1 (diff)
Added more sysctl keys
Diffstat (limited to 'default.prf')
-rw-r--r--default.prf3
1 files changed, 3 insertions, 0 deletions
diff --git a/default.prf b/default.prf
index a9d9f519..fca799b9 100644
--- a/default.prf
+++ b/default.prf
@@ -168,12 +168,15 @@ config-data=sysctl;security.bsd.see_other_uids;0;1;Disable display of processes
# Kernel
config-data=sysctl;kern.sugid_coredump;0;1;XXX;sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;
+config-data=sysctl;kernel.suid_dumpable;0;1;Restrict core dumps;sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;
config-data=sysctl;kernel.core_setuid_ok;0;1;XXX;sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;
config-data=sysctl;kernel.core_uses_pid;1;1;XXX;sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;
config-data=sysctl;kernel.ctrl-alt-del;0;1;XXX;sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;
config-data=sysctl;kernel.exec-shield-randomize;1;1;XXX;sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;
config-data=sysctl;kernel.exec-shield;1;1;XXX;sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;
config-data=sysctl;kernel.kptr_restrict;2;1;Restrict access to kernel symbols;sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;
+config-data=sysctl;kernel.maps_protect;1;1;Restrict access to /proc/[pid]/maps;sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;
+config-data=sysctl;kernel.randomize_va_space;1;1;Randomize of memory address locations (ASLR);sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;
config-data=sysctl;kernel.sysrq;0;1;Disable magic SysRQ;sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;
config-data=sysctl;kernel.use-nx;0;1;XXX;sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-27 10:44:47 +0300