public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

nixos/hardened profile: lock kernel modules

Browse Source
This commit is contained in:
Joachim Fasting 2017-04-29 22:46:20 +02:00
parent 878ad1ce6e
commit 6a5a5728ee
No known key found for this signature in database
GPG Key ID: 7544761007FE4E08
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
nixos/modules/profiles/hardened.nix
View File

@ -8,6 +8,8 @@ with lib;
{ {
security.hideProcessInformation = mkDefault true; security.hideProcessInformation = mkDefault true;
security.lockKernelModules = mkDefault true;
security.apparmor.enable = mkDefault true; security.apparmor.enable = mkDefault true;
boot.kernelParams = [ boot.kernelParams = [