public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

nixos/hardened: use graphene-hardened malloc by default

Browse Source
This commit is contained in:
Joachim Fasting
2019-04-23 22:21:40 +02:00
parent a84be28270
commit 48ff4f1197
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
nixos/modules/profiles/hardened.nix
View File

@@ -14,6 +14,8 @@ with lib;
nix.allowedUsers = mkDefault [ "@users" ];
environment.memoryAllocator.provider = mkDefault "graphene-hardened";
security.hideProcessInformation = mkDefault true;
security.lockKernelModules = mkDefault true;