From 624a6b4f978d697f81f5527b54879db1c430be86 Mon Sep 17 00:00:00 2001
From: Bob Mottram <bob@freedombone.net>
Date: Fri, 22 Sep 2017 16:30:57 +0100
Subject: [PATCH] Ensure address space layout randomization

---
 src/freedombone-utils-firewall | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/freedombone-utils-firewall b/src/freedombone-utils-firewall
index d82306acf..7f9ec36f7 100755
--- a/src/freedombone-utils-firewall
+++ b/src/freedombone-utils-firewall
@@ -290,6 +290,11 @@ function configure_internet_protocol {
         sed -i "s|#net.ipv4.conf.default.accept_redirects.*|net.ipv4.conf.default.accept_redirects = 0|g" /etc/sysctl.conf
         sed -i "s|net.ipv4.conf.default.accept_redirects.*|net.ipv4.conf.default.accept_redirects = 0|g" /etc/sysctl.conf
     fi
+    if ! grep -q "kernel.randomize_va_space" /etc/sysctl.conf; then
+        echo "kernel.randomize_va_space=2" >> /etc/sysctl.conf
+    else
+        sed -i 's|kernel.randomize_va_space.*|kernel.randomize_va_space=2|g' /etc/sysctl.conf
+    fi
     mark_completed $FUNCNAME
 }
 
-- 
GitLab