diff options
Diffstat (limited to 'nixos/doc/manual/configuration/profiles/hardened.xml')
-rw-r--r-- | nixos/doc/manual/configuration/profiles/hardened.xml | 32 |
1 files changed, 0 insertions, 32 deletions
diff --git a/nixos/doc/manual/configuration/profiles/hardened.xml b/nixos/doc/manual/configuration/profiles/hardened.xml deleted file mode 100644 index 4a51754cc7a..00000000000 --- a/nixos/doc/manual/configuration/profiles/hardened.xml +++ /dev/null @@ -1,32 +0,0 @@ -<section xmlns="http://docbook.org/ns/docbook" - xmlns:xlink="http://www.w3.org/1999/xlink" - xmlns:xi="http://www.w3.org/2001/XInclude" - version="5.0" - xml:id="sec-profile-hardened"> - <title>Hardened</title> - - <para> - A profile with most (vanilla) hardening options enabled by default, - potentially at the cost of stability, features and performance. - </para> - - <para> - This includes a hardened kernel, and limiting the system information - available to processes through the <filename>/sys</filename> and - <filename>/proc</filename> filesystems. It also disables the User Namespaces - feature of the kernel, which stops Nix from being able to build anything - (this particular setting can be overriden via - <xref linkend="opt-security.allowUserNamespaces"/>). See the - <literal - xlink:href="https://github.com/nixos/nixpkgs/tree/master/nixos/modules/profiles/hardened.nix"> - profile source</literal> for further detail on which settings are altered. - </para> - <warning> - <para> - This profile enables options that are known to affect system - stability. If you experience any stability issues when using the - profile, try disabling it. If you report an issue and use this - profile, always mention that you do. - </para> - </warning> -</section> |