Disable SYSRQ support by default for added security
The magic SysRq is meant for development and debugging. Instead of
trying to determine whether it can be used to break into a Linux system,
we decided to pre-emptively steer clear of any potential security
vulnerabilities by disabling it by default.
Developers can re-enable it through sysctl or by using the kernel
command line option sysrq_always_enabled.
Change-Id: If448006869b5662e76f9caa5e01d6668c5d709eb
diff --git a/include/linux/sysrq.h b/include/linux/sysrq.h
index 7faf933..386032ae 100644
--- a/include/linux/sysrq.h
+++ b/include/linux/sysrq.h
@@ -18,7 +18,7 @@
#include <linux/types.h>
/* Enable/disable SYSRQ support by default (0==no, 1==yes). */
-#define SYSRQ_DEFAULT_ENABLE 1
+#define SYSRQ_DEFAULT_ENABLE 0
/* Possible values of bitmask for enabling sysrq functions */
/* 0x0001 is reserved for enable everything */