From 9d96dbb92818cefd9ade07efb89a59f6723da75f Mon Sep 17 00:00:00 2001 From: Shawn Webb Date: Mon, 7 Nov 2022 09:12:03 -0500 Subject: [PATCH] Document hardening core dumps Signed-off-by: Shawn Webb --- Home.md | 1 + 1 file changed, 1 insertion(+) diff --git a/Home.md b/Home.md index 10284d7..79057ef 100644 --- a/Home.md +++ b/Home.md @@ -126,6 +126,7 @@ when `PAX_HARDENING` is enabled in the kernel: | Node | Description | Type | Original Value | Hardened Value | |:-------------------------------------:|:------------------------------------------------------------------------------:|:-------:|:--------------:|:---------------------------------------:| +| kern.coredump | Enable/Disable coredumps | Integer | 1 | 0 | | kern.msgbuf_show_timestamp | Show timestamp in msgbuf | Integer | 0 | 1 | | kern.randompid | Random PID Modulus | Integer | 0, read+write | Randomly set at boot and made read-only | | machdep.efi_map | Dump EFI physical-to-virtual mappings, infoleak as feature | String | Available to all | Available only to unjailed privileged process |