diff options
author | Joachim Fasting <joachifm@fastmail.fm> | 2016-07-14 15:42:54 +0200 |
---|---|---|
committer | Joachim Fasting <joachifm@fastmail.fm> | 2016-07-16 11:11:35 +0200 |
commit | c606b9876fbcbfa2aa8360a5a2d808c80d3a2759 (patch) | |
tree | 0ba1cb4f17646ce35801abbe8e9f7df3e9ae000b /nixos/modules/security/grsecurity.nix | |
parent | e04019d690e896a6b7f4ccd5d7836947b98dbcd2 (diff) | |
download | nixlib-c606b9876fbcbfa2aa8360a5a2d808c80d3a2759.tar nixlib-c606b9876fbcbfa2aa8360a5a2d808c80d3a2759.tar.gz nixlib-c606b9876fbcbfa2aa8360a5a2d808c80d3a2759.tar.bz2 nixlib-c606b9876fbcbfa2aa8360a5a2d808c80d3a2759.tar.lz nixlib-c606b9876fbcbfa2aa8360a5a2d808c80d3a2759.tar.xz nixlib-c606b9876fbcbfa2aa8360a5a2d808c80d3a2759.tar.zst nixlib-c606b9876fbcbfa2aa8360a5a2d808c80d3a2759.zip |
grsecurity module: enforce size overflows by default
It is better to make this conditional on whether the configuration contains a known size overflow that could prevent the system from booting.
Diffstat (limited to 'nixos/modules/security/grsecurity.nix')
-rw-r--r-- | nixos/modules/security/grsecurity.nix | 4 |
1 files changed, 0 insertions, 4 deletions
diff --git a/nixos/modules/security/grsecurity.nix b/nixos/modules/security/grsecurity.nix index 9d0249820d5d..ee5881d28726 100644 --- a/nixos/modules/security/grsecurity.nix +++ b/nixos/modules/security/grsecurity.nix @@ -48,10 +48,6 @@ in (isYES "GRKERNSEC_SYSCTL_DISTRO") ]; - # Crashing on an overflow in kernel land is user unfriendly and may prevent - # the system from booting, which is too severe for our use case. - boot.kernelParams = [ "pax_size_overflow_report_only" ]; - # Install PaX related utillities into the system profile. Eventually, we # also want to include gradm here. environment.systemPackages = with pkgs; [ paxctl pax-utils ]; |