diff options
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/tests/hardened.nix | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/nixos/tests/hardened.nix b/nixos/tests/hardened.nix index 1d9a9043e03a..ee7ffe83ba34 100644 --- a/nixos/tests/hardened.nix +++ b/nixos/tests/hardened.nix @@ -32,5 +32,15 @@ import ./make-test.nix ({ pkgs, ...} : { subtest "userns", sub { $machine->fail("unshare --user"); }; + + # Test dmesg restriction + subtest "dmesg", sub { + $machine->fail("su -l alice -c dmesg"); + }; + + # Test access to kcore + subtest "kcore", sub { + $machine->fail("cat /proc/kcore"); + }; ''; }) |