From 89b60df59cfe793452041b5a28e01a7b2c01b60b Mon Sep 17 00:00:00 2001
From: Silvino <silvino@bk.ru>
Date: Wed, 19 Jun 2019 00:54:23 +0100
Subject: fix core conf sysctl.conf

---
 core/conf/sysctl.conf | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'core/conf')

diff --git a/core/conf/sysctl.conf b/core/conf/sysctl.conf
index d50520e..3cc54d1 100644
--- a/core/conf/sysctl.conf
+++ b/core/conf/sysctl.conf
@@ -15,6 +15,9 @@ vm.mmap_min_addr=65536
 # Allow for more PIDs (to reduce rollover problems); may break some programs 32768
 kernel.pid_max = 65536
 
+#Yama LSM by default
+kernel.yama.ptrace_scope = 1
+
 #
 # Filesystem Protections
 #
@@ -30,6 +33,8 @@ kernel.kptr_restrict = 2
 # Network Protections
 #
 
+net.core.bpf_jit_enable = 0
+
 # Increase Linux auto tuning TCP buffer limits
 # min, default, and max number of bytes to use
 # set max to at least 4MB, or higher if you use very high BDP paths
@@ -94,6 +99,7 @@ net.ipv4.conf.default.rp_filter = 1
 #net.ipv6.conf.default.rp_filter = 1
 #net.ipv6.conf.all.rp_filter = 1
 
+
 # Make sure no one can alter the routing tables
 # Act as a router, necessary for Access Point
 net.ipv4.conf.all.accept_redirects = 0
@@ -134,3 +140,4 @@ net.ipv4.tcp_keepalive_time = 1800
 net.ipv4.tcp_synack_retries = 3
 
 # End of file
+
-- 
cgit 1.4.1-2-gfad0