dadada/nix-config
dadada/nix-config
1
0
Fork 0
Code Issues 2 Pull requests 5 Projects Releases Packages Wiki Activity Actions

fix: mitigation for CVE-2024-6387

Browse source
This commit is contained in:
Tim Schubert 2024-07-01 13:26:45 +02:00
parent d6ef9e0685
commit 82655a38a7
Signed by: dadada
SSH key fingerprint: SHA256:bFAjFH3hR8zRBaJjzQDjc3o4jqoq5EZ87l+KXEjxIz0
1 changed files with 5 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

5
nixos/modules/profiles/base.nix
View file

@ -49,5 +49,10 @@ in
}; };
programs.zsh.enable = mkDefault true; programs.zsh.enable = mkDefault true;
# Mitigation for CVE-2024-6387
# Might be vulnerable to DOS, but better than RCE ...
# https://github.com/NixOS/nixpkgs/pull/323753#issuecomment-2199762128
services.openssh.settings.LoginGraceTime = 0;
} }