Re: [arch-dev-public] Trimming down our default kernel configuration

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

Am 26.03.2014 21:31, schrieb Leonid Isaev:
> On Wed, 26 Mar 2014 21:00:15 +0100
> Thomas Bächler <thomas@xxxxxxxxxxxxx> wrote:
> 
>> Am 26.03.2014 20:18, schrieb Leonid Isaev:
>>> However, I don't think that Yama requires any userspace components, does
>>> it? Currently, I boot with "security=yama" and completely disabled
>>> non-admin ptrace (kernel.yama.ptrace_scope=2). Perhaps -ARCH kernels
>>> should keep Yama available albeit disabled by default (as they now do).
>>
>> Once yama is built-in, the ptrace_scope protection is enabled by
>> default. There is no option to change that.
>>
> 
> But by default, kernel.yama.ptrace_scope = 0

No. The default is 1.

Attachment: signature.asc
Description: OpenPGP digital signature

[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Share Photos]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]
  Powered by Linux