This is by the author of the very helpful kernel-hardening-checker: https://gith... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		anthonyryan1 on April 9, 2025 \| parent \| context \| favorite \| on: Linux Kernel Defence Map – Security Hardening Conc... This is by the author of the very helpful kernel-hardening-checker: https://github.com/a13xp0p0v/kernel-hardening-checker An interesting tool for analyzing your personal kernel config file and pointing out areas for security improvement. It's more comprehensive than KSPP (https://kspp.github.io/) but sometimes goes a little too far, suggesting disabling kernel features you may actively use. Definitely worth trying!

egberts1 on April 10, 2025 [–]

This is the way.

Close all avenues, then only open what you exactly need.

anon6362 on April 10, 2025 | [–]

By default, Linux has way, way too much functionality, insufficient testing and proof of security correctness, and not enough security controls.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact