sst/lib/preconfigs.lisp

14 lines
394 B
Common Lisp
Raw Normal View History

; This file will contain prebaked settings designed to be dropped in.
(in-package :sst-drop-ins)
(defparameter *security-drop-ins*
'("ProtectSystem=full"
"InaccessiblePaths=/etc/shadow"
"ProtectKernelLogs=true"
"ProtectKernelModules=true"
"ProtectKernelTunables=true"
"LockPersonality=true"
"ProtectControlGroups=true"
))