webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-16 14:03:00 +02:00
Code Issues Packages Projects Releases Wiki Activity

Set vm.mmap_min_addr to 4096 to block a security problem.

Browse Source
This commit is contained in:
Arne Fitzenreiter
2009-11-04 18:48:38 +01:00
parent 1ca249ccfb
commit dc931fbac7
2 changed files with 7 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
config/etc/sysctl.conf
View File

@@ -23,3 +23,4 @@ net.ipv4.conf.all.log_martians = 1
kernel.printk = 1 4 1 7
vm.swappiness=0
vm.mmap_min_addr = 4096

8
config/rootfiles/core/33/update.sh
View File

@@ -25,12 +25,16 @@
/usr/local/bin/backupctrl exclude >/dev/null 2>&1
#
#Stop services
#
#Set vm.mmap_min_addr to block a kernel security hole
grep -v "vm.mmap_min_addr" /etc/sysctl.conf > /var/tmp/sysctl.conf.tmp
echo "vm.mmap_min_addr = 4096" >> /var/tmp/sysctl.conf.tmp
mv /var/tmp/sysctl.conf.tmp /etc/sysctl.conf
sysctl -w vm.mmap_min_addr="4096"
#
extract_files
#
#Start services
#
#Update Language cache
perl -e "require '/var/ipfire/lang.pl'; &Lang::BuildCacheLang"