nixpkgs

mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-16 14:54:29 +01:00

History

Joachim Fasting 43fc394a5c grsecurity module: disable EFI runtime services by default Enabling EFI runtime services provides a venue for injecting code into the kernel. When grsecurity is enabled, we close this by default by disabling access to EFI runtime services. The upshot of this is that /sys/firmware/efi/efivars will be unavailable by default (and attempts to mount it will fail). This is not strictly a grsecurity related option, it could be made into a general option, but it seems to be of particular interest to grsecurity users (for non-grsecurity users, there are other, more immediate kernel injection attack dangers to contend with anyway).		2016-08-02 10:24:49 +02:00
..
config	nixos/pulseaudio: increase service restart time	2016-07-30 23:42:54 +02:00
hardware	nixos ati_unfree: auto-switch xorg to fglrxComat	2016-05-23 10:12:44 +02:00
i18n/input-method	fcitx: refactor (#16858 )	2016-07-11 17:50:22 +02:00
installer	nixos-version: fix syntax error and add -h (#16906 )	2016-07-13 09:11:32 +02:00
misc	version module: refactor with fileContents	2016-08-01 18:40:36 +09:00
profiles	documentation: fix start display-manager command	2016-07-04 10:25:31 +02:00
programs	tmux module: do not override keys by default in VI mode (#17330 )	2016-07-28 13:10:42 +02:00
security	grsecurity module: disable EFI runtime services by default	2016-08-02 10:24:49 +02:00
services	dnscrypt-proxy service: update resolver list	2016-08-02 09:36:22 +02:00
system	Merge pull request #17042 from rasendubi/etc	2016-07-26 09:04:10 +02:00
tasks	kbd task: fix colors in early initrd	2016-07-24 15:08:49 +03:00
testing	KDE test: Bump kdm start timeout	2016-05-27 11:22:27 +02:00
virtualisation	declarative containers: additional veths	2016-07-28 23:06:41 +02:00
module-list.nix	Revert "phpfpm service: restructured pool configuration"	2016-07-27 23:53:58 +02:00
rename.nix	nixos: rewrite the grsecurity module	2016-06-14 03:38:12 +02:00