diff options
| -rw-r--r-- | nixos/modules/profiles/hardened.nix | 3 |
1 files changed, 0 insertions, 3 deletions
diff --git a/nixos/modules/profiles/hardened.nix b/nixos/modules/profiles/hardened.nix index 8889c6440f44..692afbff660d 100644 --- a/nixos/modules/profiles/hardened.nix +++ b/nixos/modules/profiles/hardened.nix @@ -82,9 +82,6 @@ with lib; # Disable bpf() JIT (to eliminate spray attacks) boot.kernel.sysctl."net.core.bpf_jit_enable" = mkDefault false; - # ... or at least apply some hardening to it - boot.kernel.sysctl."net.core.bpf_jit_harden" = mkDefault true; - # Raise ASLR entropy for 64bit & 32bit, respectively. # # Note: mmap_rnd_compat_bits may not exist on 64bit. |