diff --git a/modules/security/default.nix b/modules/security/default.nix
index 4ae5302..5b01fc2 100644
--- a/modules/security/default.nix
+++ b/modules/security/default.nix
@@ -3,9 +3,6 @@
 , ... }: {
 ## System security tweaks
- # sets hidepid=2 on /proc (make process info visible only to owning user)
- # NOTE Was removed on nixpkgs-unstable because it doesn't do anything
- # security.hideProcessInformation = true;
 # Prevent replacing the running kernel w/o reboot
 security.protectKernelImage = lib.mkDefault true;
@@ -14,7 +11,7 @@
 boot.tmp.useTmpfs = lib.mkDefault true;
 # If not using tmpfs, which is naturally purged on reboot, we must clean it
 # /tmp ourselves. /tmp should be volatile storage!
- boot.tmp.cleanOnBoot = lib.mkDefault (!config.boot.tmpOnTmpfs);
+ boot.tmp.cleanOnBoot = lib.mkDefault (!config.boot.tmp.useTmpfs);
 # Fix a security hole in place for backwards compatibility. See desc in
 # nixpkgs/nixos/modules/system/boot/loader/systemd-boot/systemd-boot.nix