Thoughts about some kernel options in generic

		LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
Thoughts about some kernel options in generic

Slackware This Forum is for the discussion of Slackware Linux.

Notices

Welcome to LinuxQuestions.org, a friendly and active Linux Community.

You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!

Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.

Are you new to LinuxQuestions.org? Visit the following links:
Site Howto | Site FAQ | Sitemap | Register Now

If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.

Having a problem logging in? Please visit this page to clear all LQ-related cookies.

Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.

Exclusive for LQ members, get up to 45% off per month. Click here for more info.

Search this Thread

02-05-2016, 04:56 AM	#1
BratPit Member Registered: Jan 2011 Posts: 250 Rep:	Thoughts about some kernel options in generic On the occasion of stripping generic kernel to custom I'd like to ask some questions: 1. Option x32 ABI seems useless in distribution without recompilation all packages. Some non invasive security option: 1. CONFIG_SECURITY_YAMA -Yama switching on /proc/sys/kernel/yama/ptrace_scope /default/ 1 . https://www.kernel.org/doc/Documenta...urity/Yama.txt 2.CONFIG_DEVKMEM - should be disabled 3. CONFIG_DEBUG_RODATA- This makes sure that certain kernel data sections are marked to block modification CONFIG_DEBUG_MODULE_RONX - the same for modules 4.CONFIG_CC_STACKPROTECTOR - to strong option from gcc 4.9 /there is 5.3/ 5.proc/sys/kernel/kptr_restrict set to "1" to block the reporting of known kernel address leaks to users. 6.MAybe hardlink and symlink restrictions in /proc/sys/fs/ set to 1 but this may break some world writeble shares from samba. It is only a suggestion to Pat. Last edited by BratPit; 02-05-2016 at 06:07 AM.

Posting Rules
You may not post new threads You may not post replies You may not post attachments You may not edit your posts BB code is On Smilies are On [IMG] code is Off HTML code is Off Forum Rules

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
[SOLVED] setting up initrd / generic kernel in Grub2...can't load generic	Ubunoob001	Slackware	12	03-20-2015 07:32 AM
[SOLVED] Kernel Panic with generic kernel on Dell poweredge 2850 Slackware 14.1	Dieselchair	Slackware	44	08-22-2014 06:46 PM
kernel-generic and kernel-generic-smp ??	liuyug	Slackware - Installation	5	06-01-2014 07:01 PM
slack 12, switch to generic kernel from huge kernel, using grub?	jaguarrh	Slackware	8	09-19-2007 06:29 AM
Kernel 2.6.2 options question - LOCKED options ?	tvojvodi	Linux - General	0	02-17-2004 04:23 AM

All times are GMT -5. The time now is 04:49 PM.

Main Menu

(Con't)

My LQ

Write for LQ

LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.

Main Menu

Syndicate

Latest Threads

LQ News

Twitter: @linuxquestions