Procfs articles

Last change: 2025-01-06

Restrict systemd units to access information from the kernel tunables in the /proc and /sys directories with the unit setting ProtectKernelTunables.

What is the file /proc/kallsyms on Linux?

Last change: 2025-01-06

The file /proc/kallsysm contains a symbol table from the kernel with function and variable names. Learn about its purpose and security implications.

ProcSubset setting

Last change: 2025-01-06

Harden system and user services by restricting systemd units to access information from the /proc directory with the unit setting ProcSubset.

ProtectProc setting

Last change: 2025-01-06

Harden system and user services by restricting systemd units to access information from the /proc directory with the unit setting ProtectProc.

Understanding memory information on Linux systems

Last change: 2025-01-06

Linux memory management is an extensive subject. This guide helps you understanding the how to analyze it and obtain available memory information.

Commands:

cat
dmesg
dmidecode
free
hwinfo
ps
vmstat

Protect against ptrace of processes: kernel.yama.ptrace_scope

Last change: 2025-01-06

Using the Linux Security Module (LSM) Yama we can protect the system against the usage of ptrace. The sysctl key kernel.yama.ptrace_scope sets the behavior.

Commands:

cat
sysctl