set kptr_restrict=1

Resolves: #1689346
author: David Tardon <dtardon@redhat.com> 2019-12-03 14:04:00 +0100
committer: The Plumber <50238977+systemd-rhel-bot@users.noreply.github.com> 2019-12-05 15:20:44 +0100
commit: cf1a9df1171273fc1ed3f977b5ec52aba27674bf (patch)
tree: 279f6c4f6b0912e639a2fe283be353c4961970d6 /sysctl.d
parent: b47f26558e5234ec8cf2ecc3674c94a87f20ec69 (diff)
download: systemd-cf1a9df1171273fc1ed3f977b5ec52aba27674bf.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/sysctl.d/50-default.conf b/sysctl.d/50-default.conf
index e263cf0628..e0afc9c702 100644
--- a/sysctl.d/50-default.conf
+++ b/sysctl.d/50-default.conf
@@ -21,6 +21,9 @@ kernel.sysrq = 16
 # Append the PID to the core filename
 kernel.core_uses_pid = 1
 
+# https://bugzilla.redhat.com/show_bug.cgi?id=1689346
+kernel.kptr_restrict = 1
+
 # Source route verification
 net.ipv4.conf.all.rp_filter = 1
author	David Tardon <dtardon@redhat.com>	2019-12-03 14:04:00 +0100
committer	The Plumber <50238977+systemd-rhel-bot@users.noreply.github.com>	2019-12-05 15:20:44 +0100
commit	cf1a9df1171273fc1ed3f977b5ec52aba27674bf (patch)
tree	279f6c4f6b0912e639a2fe283be353c4961970d6 /sysctl.d
parent	b47f26558e5234ec8cf2ecc3674c94a87f20ec69 (diff)
download	systemd-cf1a9df1171273fc1ed3f977b5ec52aba27674bf.tar.gz