# The contents of /proc/<pid>/maps and smaps files are only visible to
# readers that are allowed to ptrace() the process
kernel.maps_protect = 1

# Enable ExecShield protection
kernel.exec-shield = 1
kernel.randomize_va_space = 2

# Hide exposed kernel pointers
kernel.kptr_restrict = 1