| Server IP : 216.107.138.43 / Your IP : 216.73.217.127 Web Server : LiteSpeed System : Linux srv514655384.host.ultaserver.net 5.15.0-124-generic #134-Ubuntu SMP Fri Sep 27 20:20:17 UTC 2024 x86_64 User : ojolc3829 ( 1151) PHP Version : 8.0.30 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON Directory : /etc/sysctl.d/ |
Upload File : |
# These settings are specific to hardening the kernel itself from attack # from userspace, rather than protecting userspace from other malicious # userspace things. # # # When an attacker is trying to exploit the local kernel, it is often # helpful to be able to examine where in memory the kernel, modules, # and data structures live. As such, kernel addresses should be treated # as sensitive information. # # Many files and interfaces contain these addresses (e.g. /proc/kallsyms, # /proc/modules, etc), and this setting can censor the addresses. A value # of "0" allows all users to see the kernel addresses. A value of "1" # limits visibility to the root user, and "2" blocks even the root user. kernel.kptr_restrict = 1 # Access to the kernel log buffer can be especially useful for an attacker # attempting to exploit the local kernel, as kernel addresses and detailed # call traces are frequently found in kernel oops messages. Setting # dmesg_restrict to "0" allows all users to view the kernel log buffer, # and setting it to "1" restricts access to those with CAP_SYSLOG. # # dmesg_restrict defaults to 1 via CONFIG_SECURITY_DMESG_RESTRICT, only # uncomment the following line to disable. # kernel.dmesg_restrict = 0