Security - kptr restricted

Description

Non-root users should have no access to kernel symbols in /proc/kallsyms

Solution

echo 'kernel.kptr_restrict = 1' >/etc/sysctl.d/50-kptr-restrict.conf && sysctl -p

Check Script: security-kptr_restrict.sh

if [ $(/sbin/sysctl -n kernel.kptr_restrict) == "1" ]; then
	result_ok
else
	result_failed "Kernel symbols in /proc/kallsyms are not restricted to root only!"
fi
Show Disqus Comments