b12f/nixpkgs
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

nixos/hardened: use graphene-hardened malloc by default

Browse source
This commit is contained in:
Joachim Fasting 2019-04-23 22:21:40 +02:00
parent a84be28270
commit 48ff4f1197
No known key found for this signature in database
GPG key ID: 5C204DF675C90294
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
nixos/modules/profiles/hardened.nix
View file

@ -14,6 +14,8 @@ with lib;
nix.allowedUsers = mkDefault [ "@users" ];
environment.memoryAllocator.provider = mkDefault "graphene-hardened";
security.hideProcessInformation = mkDefault true;
security.lockKernelModules = mkDefault true;