12 lines
532 B
Plaintext
12 lines
532 B
Plaintext
# Protect the zero page of memory from userspace mmap to prevent kernel
|
|
# NULL-dereference attacks against potential future kernel security
|
|
# vulnerabilities. (Added in kernel 2.6.23.)
|
|
#
|
|
# While this default is built into the Ubuntu kernel, there is no way to
|
|
# restore the kernel default if the value is changed during runtime; for
|
|
# example via package removal (e.g. wine, dosemu). Therefore, this value
|
|
# is reset to the secure default each time the sysctl values are loaded.
|
|
#
|
|
# ARM-specific default:
|
|
vm.mmap_min_addr = 32768
|