# See https://www.debian.org/security/2017/dsa-4073
class nodo::subsystem::sysctl::unprivileged_bpf_disabled() {
  nodo::subsystem::sysctl::entry { 'kernel.unprivileged_bpf_disabled':
    value => '1',
  }
}