| Server IP : 209.38.156.173 / Your IP : 216.73.216.122 [ Web Server : Apache/2.4.52 (Ubuntu) System : Linux lakekumayuhotel 5.15.0-136-generic #147-Ubuntu SMP Sat Mar 15 15:53:30 UTC 2025 x86_64 User : root ( 0) PHP Version : 8.1.2-1ubuntu2.22 Disable Function : NONE Domains : 2 Domains MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON Directory : /etc/sysctl.d/ |
Upload File : |
# These settings are specific to hardening the kernel itself from attack # from userspace, rather than protecting userspace from other malicious # userspace things. # # # When an attacker is trying to exploit the local kernel, it is often # helpful to be able to examine where in memory the kernel, modules, # and data structures live. As such, kernel addresses should be treated # as sensitive information. # # Many files and interfaces contain these addresses (e.g. /proc/kallsyms, # /proc/modules, etc), and this setting can censor the addresses. A value # of "0" allows all users to see the kernel addresses. A value of "1" # limits visibility to the root user, and "2" blocks even the root user. kernel.kptr_restrict = 1 # Access to the kernel log buffer can be especially useful for an attacker # attempting to exploit the local kernel, as kernel addresses and detailed # call traces are frequently found in kernel oops messages. Setting # dmesg_restrict to "0" allows all users to view the kernel log buffer, # and setting it to "1" restricts access to those with CAP_SYSLOG. # # dmesg_restrict defaults to 1 via CONFIG_SECURITY_DMESG_RESTRICT, only # uncomment the following line to disable. # kernel.dmesg_restrict = 0