[ubuntu-hardened] KASLR: enabling on x86 with "kaslr" option via '/etc/default/grub' file.
Seth Arnold
seth.arnold at canonical.com
Wed Jul 19 19:32:14 UTC 2017
On Wed, Jul 19, 2017 at 06:41:15PM +0200, daniel curtis wrote:
> I'm thinking about GRUB and '/etc/default/grub' file - that controls the
> operation of grub-mkconfig(8). Generally, I want to skip pressing 'e'
> button when menu shows up etc. There is one option:
> "GRUB_CMDLINE_LINUX_DEFAULT=" containing "quiet splash" options. Can I
> simply add "kaslr"at the very end? Then, I'll get: "quiet splash kaslr". Is
> that OK?
>
> If this is a good way to enable KASLR, then I have to automatically
> re-generate the 'grub.cfg' file, right? I know, that there are two commands
> to do this: update-grub(8) and grub-mkconfig(8).
Hi Daniel, this is exactly how the kernel command line is intended to be
used -- hand-editing for simple tests, editing the /etc/default/grub for
long-lived changes, and re-generating the _real_ grub configuration using
the update-grub command.
Thanks
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-hardened/attachments/20170719/e6672752/attachment.pgp>
More information about the ubuntu-hardened
mailing list