pyrox.dev
kernel: Make SECURITY_YAMA optional
It's highly recommended, but not required to run NixOS.
authored by Aneesh Agrawal and committed by Franz Pletz f0602d2d a000ed18
+1
-1
pkgs/os-specific/linux/kernel/common-config.nix
+1
-1
pkgs/os-specific/linux/kernel/common-config.nix
···
284
284
RANDOMIZE_BASE? y
285
285
STRICT_DEVMEM y # Filter access to /dev/mem
286
286
SECURITY_SELINUX_BOOTPARAM_VALUE 0 # Disable SELinux by default
287
-
SECURITY_YAMA y # Prevent processes from ptracing non-children processes
287
+
SECURITY_YAMA? y # Prevent processes from ptracing non-children processes
288
288
DEVKMEM n # Disable /dev/kmem
289
289
${if versionOlder version "3.14" then ''
290
290
CC_STACKPROTECTOR? y # Detect buffer overflows on the stack