about summary refs log tree commit diff
path: root/nixos
diff options
context:
space:
mode:
authorJörg Thalheim <Mic92@users.noreply.github.com>2019-09-28 10:06:54 +0100
committerGitHub <noreply@github.com>2019-09-28 10:06:54 +0100
commit3ed9892552a32baecf32404936e0020eaa25338e (patch)
treef1c807e998613fc3f94577cccc333f0d9b1befbd /nixos
parent96466a57a98cc54689bfe4f420f9ff25610ee67b (diff)
parent46dfb2d0904ecd1895af7e378b7d134f45c4e762 (diff)
downloadnixlib-3ed9892552a32baecf32404936e0020eaa25338e.tar
nixlib-3ed9892552a32baecf32404936e0020eaa25338e.tar.gz
nixlib-3ed9892552a32baecf32404936e0020eaa25338e.tar.bz2
nixlib-3ed9892552a32baecf32404936e0020eaa25338e.tar.lz
nixlib-3ed9892552a32baecf32404936e0020eaa25338e.tar.xz
nixlib-3ed9892552a32baecf32404936e0020eaa25338e.tar.zst
nixlib-3ed9892552a32baecf32404936e0020eaa25338e.zip
Merge pull request #69489 from Mic92/sysctl
nixos/sysctl: reduce prio of "kernel.kptr_restrict" to mkDefault
Diffstat (limited to 'nixos')
-rw-r--r--nixos/modules/config/sysctl.nix2
1 files changed, 1 insertions, 1 deletions
diff --git a/nixos/modules/config/sysctl.nix b/nixos/modules/config/sysctl.nix
index fb2b58eed720..e59c7a32c287 100644
--- a/nixos/modules/config/sysctl.nix
+++ b/nixos/modules/config/sysctl.nix
@@ -54,7 +54,7 @@ in
 
     # Hide kernel pointers (e.g. in /proc/modules) for unprivileged
     # users as these make it easier to exploit kernel vulnerabilities.
-    boot.kernel.sysctl."kernel.kptr_restrict" = 1;
+    boot.kernel.sysctl."kernel.kptr_restrict" = mkDefault 1;
 
     # Disable YAMA by default to allow easy debugging.
     boot.kernel.sysctl."kernel.yama.ptrace_scope" = mkDefault 0;
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-16 10:53:34 +0000