On Sun, Mar 07, 2010 at 10:11:11AM +1100, Craig Small wrote:
> On Fri, Mar 05, 2010 at 09:25:49PM +0100, Christoph Anton Mitterer wrote:
> > I think it would be a good idea to use at least the settings blow per
> > default:
> You're asking in the wrong place then. To change the default behaviour
> of the kernel, you need to apply this bug to the kernel, not procps.
>
> sysctl.conf is for suggested things that are off by default. Or perhaps
> more correctly can be changed but by default are not changed.
If you want to modify kernel defaults you'll need to discuss the
specific options with upstream, we won't differ in the Debian kernel
configuration.
For now I'd suggest to address Christoph's proposed changes through
the harden package. It appears to be designed for exactly this
purpose. Christoph, what do you think?
Cheers,
Moritz
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
