From dbceb3a5a49fddec3de3b83e81384b452f34cb96 Mon Sep 17 00:00:00 2001 From: Tastatur Date: Fri, 29 Dec 2023 00:11:24 +0100 Subject: [PATCH] Spelling is hard --- docs/alpine-desktop-setup/post-install/security.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/alpine-desktop-setup/post-install/security.md b/docs/alpine-desktop-setup/post-install/security.md index abfe1d8..c6ca2b8 100644 --- a/docs/alpine-desktop-setup/post-install/security.md +++ b/docs/alpine-desktop-setup/post-install/security.md @@ -33,7 +33,7 @@ You can check the status of apparmor using `apparmor-utils`: ## Cmdline -There are a lot of kernel settings which can be passed to the command line. [Madadans-insecurity's page](https://madaidans-insecurities.github.io/guides/linux-hardening.html#kernel) describes each of their function and how they improve security of the system so lets add them to `/etc/kernel-hooks/secureboot.conf`: +There are a lot of kernel settings which can be passed to the command line to make a system more secure. [Madaidans-insecurities page](https://madaidans-insecurities.github.io/guides/linux-hardening.html#kernel) describes each of their function and how they improve security of the system so lets add them to `/etc/kernel-hooks/secureboot.conf`: ``` cmdline="... slab_nomerge init_on_alloc=1 init_on_free=1 page_alloc.shuffle=1 pti=on randomize_kstack_offset=on vsyscall=none debugfs=off module.sig_enforce=1 lockdown=confidentiality mce=0 loglevel=0 iommu=force spectre_v2=on spec_store_bypass_disable=on tsx=off tsx_async_abort=full mds=full l1ft=flush"