Commit graph

5 commits

Author SHA1 Message Date
Eelco Dolstra
39f67d9d38 Hide kernel pointers for unprivileged users via kptr_restrict 2013-07-31 16:11:04 +02:00
Shea Levy
bfe6c13f09 D'oh! 2013-03-04 10:03:01 -05:00
Shea Levy
0a81724a88 systemd-sysctl.service: Don't depend on basic.target 2013-03-04 09:57:24 -05:00
Eelco Dolstra
7f7e18cfce Enable hardlink and symlink restrictions
This prevents many time-of-check-time-of-use security bugs.  Ubuntu
enables these by default as well so they shouldn't cause many
problems.
2013-03-02 20:06:02 +01:00
Eelco Dolstra
080bf5614f Add a module for setting sysctl parameters
This adds an option ‘boot.kernel.sysctl’ and generates a file
/etc/sysctl/nixos.conf read by systemd-sysctl.service.
2013-03-02 20:06:02 +01:00