Added section on hardened-malloc
This commit is contained in:
parent
29595c2e46
commit
f85a8c45e3
1 changed files with 25 additions and 1 deletions
|
|
@ -95,6 +95,30 @@ vm.max_map_count=1048576
|
|||
|
||||
This list is still incomplete.
|
||||
|
||||
## Hardened Malloc
|
||||
## Blacklisting modules
|
||||
|
||||
WIP
|
||||
|
||||
## Linux-Hardened
|
||||
|
||||
WIP
|
||||
|
||||
## Hardened Malloc (WIP)
|
||||
|
||||
Musl's default memory allocator which comes with Alpine Linux is already pretty secure but not as secure as [hardened-malloc](https://github.com/GrapheneOS/hardened_malloc/):
|
||||
|
||||
```
|
||||
# apk add hardened-malloc
|
||||
```
|
||||
|
||||
Then to set it system wide edit `/etc/ld-musl-x86_64.path`:
|
||||
|
||||
```
|
||||
/usr/lib/libhardened_malloc.so
|
||||
```
|
||||
|
||||
You can also use the light variant of hardened-malloc because the default one may not work well with some graphical applications:
|
||||
|
||||
```
|
||||
/usr/lib/libhardened_malloc-light.so
|
||||
```
|
||||
|
|
|
|||
Loading…
Reference in a new issue