| Server IP : 15.235.198.142 / Your IP : 216.73.216.122 Web Server : Apache/2.4.58 (Ubuntu) System : Linux ballsack 6.8.0-45-generic #45-Ubuntu SMP PREEMPT_DYNAMIC Fri Aug 30 12:02:04 UTC 2024 x86_64 User : www-data ( 33) PHP Version : 8.3.6 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : OFF Directory : /etc/sysctl.d/ |
Upload File : |
# These settings are specific to hardening the kernel itself from attack # from userspace, rather than protecting userspace from other malicious # userspace things. # # # When an attacker is trying to exploit the local kernel, it is often # helpful to be able to examine where in memory the kernel, modules, # and data structures live. As such, kernel addresses should be treated # as sensitive information. # # Many files and interfaces contain these addresses (e.g. /proc/kallsyms, # /proc/modules, etc), and this setting can censor the addresses. A value # of "0" allows all users to see the kernel addresses. A value of "1" # limits visibility to the root user, and "2" blocks even the root user. kernel.kptr_restrict = 1 # Access to the kernel log buffer can be especially useful for an attacker # attempting to exploit the local kernel, as kernel addresses and detailed # call traces are frequently found in kernel oops messages. Setting # dmesg_restrict to "0" allows all users to view the kernel log buffer, # and setting it to "1" restricts access to those with CAP_SYSLOG. # # dmesg_restrict defaults to 1 via CONFIG_SECURITY_DMESG_RESTRICT, only # uncomment the following line to disable. # kernel.dmesg_restrict = 0