Small systemd hardening

Kicksecure / security-misc

Kernel Hardening; Protect Linux User Accounts against Brute Force Attacks; Improve Entropy Collection; Strong Linux User Account Separation; Enhances Misc Security Settings - https://www.kicksecure.com/wiki/Security-misc

https://www.kicksecure.com/wiki/Impressum

Other

517 stars 51 forks source link

Small systemd hardening #171

Closed monsieuremre closed 11 months ago

monsieuremre commented 1 year ago

Just allow native architecture calls. From what I understand, 32 bit binaries would not benefit from ASLR due to the incredibly small address space and might cause other programs to have less effective ASLR too. Apparently this can also cause other security issues and it is in general recommended not to execute anything non-native.

Also once again core dump.

monsieuremre commented 11 months ago

Very little benefits that don't compensate the added complexity, so closing.