JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

nixos/hardened: use graphene-hardened malloc by default

Browse Source
This commit is contained in:
Joachim Fasting 2019-04-23 22:21:40 +02:00
parent a84be28270
commit 48ff4f1197
No known key found for this signature in database
GPG Key ID: 5C204DF675C90294
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
nixos/modules/profiles/hardened.nix
View File

@ -14,6 +14,8 @@ with lib;
nix.allowedUsers = mkDefault [ "@users" ]; nix.allowedUsers = mkDefault [ "@users" ];
environment.memoryAllocator.provider = mkDefault "graphene-hardened";
security.hideProcessInformation = mkDefault true; security.hideProcessInformation = mkDefault true;
security.lockKernelModules = mkDefault true; security.lockKernelModules = mkDefault true;