Enable SECURITY_DMESG_RESTRICT
Default on Debian, and seems to be reasonable for us since we also don't allow access to the system journal by default.
This commit is contained in:
parent
b54786ee1f
commit
45857ed86c
2
PKGBUILD
2
PKGBUILD
|
@ -25,7 +25,7 @@ validpgpkeys=(
|
||||||
'A2FF3A36AAA56654109064AB19802F8B0D70FC30' # Jan Alexander Steffens (heftig)
|
'A2FF3A36AAA56654109064AB19802F8B0D70FC30' # Jan Alexander Steffens (heftig)
|
||||||
)
|
)
|
||||||
sha256sums=('SKIP'
|
sha256sums=('SKIP'
|
||||||
'7e0c92e110045ae4af377d8a234b171d3732280bd973b3b304e054ee604e8e9e')
|
'7dd327c5d557b4d860676481f3b5f1c35d5335a53a0604f0289b7b02a4f54423')
|
||||||
|
|
||||||
export KBUILD_BUILD_HOST=archlinux
|
export KBUILD_BUILD_HOST=archlinux
|
||||||
export KBUILD_BUILD_USER=$pkgbase
|
export KBUILD_BUILD_USER=$pkgbase
|
||||||
|
|
2
config
2
config
|
@ -9329,7 +9329,7 @@ CONFIG_TRUSTED_KEYS=m
|
||||||
CONFIG_ENCRYPTED_KEYS=m
|
CONFIG_ENCRYPTED_KEYS=m
|
||||||
CONFIG_KEY_DH_OPERATIONS=y
|
CONFIG_KEY_DH_OPERATIONS=y
|
||||||
CONFIG_KEY_NOTIFICATIONS=y
|
CONFIG_KEY_NOTIFICATIONS=y
|
||||||
# CONFIG_SECURITY_DMESG_RESTRICT is not set
|
CONFIG_SECURITY_DMESG_RESTRICT=y
|
||||||
CONFIG_SECURITY=y
|
CONFIG_SECURITY=y
|
||||||
CONFIG_SECURITYFS=y
|
CONFIG_SECURITYFS=y
|
||||||
CONFIG_SECURITY_NETWORK=y
|
CONFIG_SECURITY_NETWORK=y
|
||||||
|
|
Loading…
Reference in New Issue