Make kernel text and rodata read-only
configname: CONFIG_STRICT_KERNEL_RWX
Linux Kernel Configuration
└─>General architecture-dependent options
└─>Make kernel text and rodata read-only
In linux kernel since version 3.10 (release Date: 2013-06-30)
If this is set, kernel text and rodata memory will be made read-only,
and non-text memory will be made non-executable. This provides
protection against certain security exploits (e.g. executing the heap
or modifying text)
These features are considered standard security practice these days.
You should say Y here in almost all cases.
and non-text memory will be made non-executable. This provides
protection against certain security exploits (e.g. executing the heap
or modifying text)
These features are considered standard security practice these days.
You should say Y here in almost all cases.