Spectre (security vulnerability) fix

Want to see something new in a future version of GhostBSD? Let us know!

Moderator: Developer

Post Reply
nevets
Posts: 11
Joined: Tue Jun 23, 2020 3:54 am
Has thanked: 2 times
Been thanked: 1 time

Spectre (security vulnerability) fix

Post by nevets »

Hi,
As the Spectre (security vulnerability) is going to be an ongoing issue generally for many PCs would you consider applying the partial fix in sysctl as standard?
Currently I prevent the disable of IBRS (ie make it permanently active) by creating in /etc/sysctl.d/ a conf file containing:

# Set the IndirectBranchRestriciveSpeculation fix for Spectre 2
hw.ibrs_disable=0

This then prevents services from being able to disable the restricted speculation on-the-fly.

Steve

Post Reply